[RADIATOR] AuthSQLYubikey
Sami Keski-Kasari
samikk at archred.com
Wed May 13 05:47:26 CDT 2009
Hi Mike,
Now it works perfectly.
Thanks,
Sami
Mike McCauley kirjoitti:
> Hello Sami,
>
> thanks for reporting these issues.
> They have now been fixed in the latest patch set.
> We apologise for any inconvenience.
>
> Cheers.
>
> On Friday 08 May 2009 02:00:33 am Sami Keski-Kasari wrote:
>
>> Hello,
>>
>> I am testing Yubikeys and find two issues:
>>
>> 1. Custom AuthSelect doesn't work because of this issue:
>>
>> --- Radius/AuthSQLYUBIKEY.pm-orig 2009-05-06 20:52:40.000000000 +0300
>> +++ Radius/AuthSQLYUBIKEY.pm 2009-05-06 20:53:14.000000000 +0300
>> @@ -17,7 +17,7 @@
>> use MIME::Base64;
>> use strict;
>>
>> -%Radius::AuthSQLDIGIPASS::ConfigKeywords =
>> +%Radius::AuthSQLYUBIKEY::ConfigKeywords =
>> ('AuthSelect' =>
>> ['string', 'SQL query that will be used to fetch Yubikey data from the
>> database. Special characters are permitted, and %0 is replaced with the
>> quoted user name. %1 is replaced with the token ID. The default works
>> with the sample yubikey database created by db_schema.sql from the
>> YubiKey Validation Server.', 0],
>> 'UpdateQuery' =>
>>
>> 2. Replay attack recoqnition is done now only via counter in Radiator.
>> I think that it should be done with counter, timestamp_low and
>> timestamp_high.
>>
>> Now the problem is that if you are using Replay attack recoqnition and
>> need more than one otp password you have to unplug and plug yubikey
>> everytime.
>>
>> Regards,
>> Sami
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>>
>
>
>
>
More information about the radiator
mailing list