[RADIATOR] TOTP/HOTP question

Matthew Reeves-Hairs matthew.reeves-hairs at willowict.com
Thu Sep 16 14:52:54 CDT 2010 

Hi, can anyone give any pointers as to how to resync a TOTP and HOTP token.

How far out can the clock be, between the server and the token?  Is say 10-15 seconds acceptable?

<Client 192.168.100.1 HOTP>
        Secret  xxxxxxxx
        DupInterval 0
</Client>

<Client DEFAULT>
        Secret  xxxxxxx
        DupInterval 0
</Client>

<Realm HOTP>
        <AuthBy SQLHOTP>
                DBSource        xxxxxxxxxxxxx
                DBUsername      xxxxxxxxx
                DBAuth          xxxxxxxxx
                DefaultDigits 6
                MaxBadLogins 20
                BadLoginWindow 10
                ResyncWindow 20
                NoEAP
        </AuthBy>
</Realm>
<Realm DEFAULT>
        <AuthBy SQLTOTP>
                DBSource        xxxxxxxxxxx
                DBUsername      xxxxxxxxx
                DBAuth          xxxxxxxxxx

                MaxBadLogins 99
                BadLoginWindow 100
                DelayWindow 100
                TimeStep 30
                # You can also support EAP-OTP and/or EAP-GTC, besides PAP
                EAPType OTP GTC
                #EAPType GTC OTP

        </AuthBy>
</Realm>


Thanks

Matthew Reeves-Hairs MBCS
(CCNA, CCNP, CCDA)
Director

Willow ICT Limited
13 Willow Close
Great Hormead
Hertfordshire, SG9 0NW
Mobile: +44 (0)7912 202627
Fax: +44 (0)7092 361501
matthew.reeves-hairs at willowict.com
http://www.willowict.com

Please consider the environment before printing this email.

The content of this email and any attachment is private and may be privileged.  If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised.  If you have received this email in error please notify the sender by email and delete this message and any attachments immediately.  Nothing in this email shall bind the Company in any contract or obligation, unless we have specifically agreed to be bound.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20100916/d8f2e4a9/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 6546 bytes
Desc: not available
Url : http://www.open.com.au/pipermail/radiator/attachments/20100916/d8f2e4a9/attachment.png

More information about the radiator mailing list