[RADIATOR] AuthSQLYubikey
Sami Keski-Kasari
samikk at archred.com
Thu May 7 11:00:33 CDT 2009
Hello,
I am testing Yubikeys and find two issues:
1. Custom AuthSelect doesn't work because of this issue:
--- Radius/AuthSQLYUBIKEY.pm-orig 2009-05-06 20:52:40.000000000 +0300
+++ Radius/AuthSQLYUBIKEY.pm 2009-05-06 20:53:14.000000000 +0300
@@ -17,7 +17,7 @@
use MIME::Base64;
use strict;
-%Radius::AuthSQLDIGIPASS::ConfigKeywords =
+%Radius::AuthSQLYUBIKEY::ConfigKeywords =
('AuthSelect' =>
['string', 'SQL query that will be used to fetch Yubikey data from the
database. Special characters are permitted, and %0 is replaced with the
quoted user name. %1 is replaced with the token ID. The default works
with the sample yubikey database created by db_schema.sql from the
YubiKey Validation Server.', 0],
'UpdateQuery' =>
2. Replay attack recoqnition is done now only via counter in Radiator.
I think that it should be done with counter, timestamp_low and
timestamp_high.
Now the problem is that if you are using Replay attack recoqnition and
need more than one otp password you have to unplug and plug yubikey
everytime.
Regards,
Sami
More information about the radiator
mailing list