Powered by Jitbit .Net Forum free trial version. dismiss

HomeTekOTP

One Time Password (OTP) Generator for Windows based on RFC 2289

How to use Messages in this topic - RSS

dj_sombra
dj_sombra
Posts: 11


28.10.2015
dj_sombra
dj_sombra
Posts: 11
Dear Yasin,


I'm use TekRadius LT, and try to apply TekOTP for authenticate with another app in Windows Server 2008.
The question is, with tekRadius and user-password attrib only, this work. But, when add the authentication-method (OTP-MD5 o MD4), y don't know how to work.
Please, could you explain me how to work TekRadius LT with TekOTP??


Thanks.


BRs
0 link
Admin
Admin
Administrator
Posts: 4622


29.10.2015
Admin
Admin
Administrator
Posts: 4622
Hi,

Commercial editions of TekRADIUS Supports OTP (One Time Password) authentication based RFC 2289. To use OTP authentication, the Authentication-Method attribute needs to be added to User or Group profiles with one of following values: OTP-MD4, OTP-MD5 or OTP-SHA1. The initial value of User-Password must be calculated using an OTP password generator.

The initial password must be generated by unchecking the ‘Six Words Output’ option in TekOTP for PAP authentication. It is necessary to use the six words form of OTP when implementing CHAP or MS-CHAP-v1/v2.

I can provide you a trial key for your TekRADIUS LT installation if you send me your system id displayed at Help / About menu of TekRADIUS Manager.

Best regards,

Yasin KAPLAN
0 link
dj_sombra
dj_sombra
Posts: 11


29.10.2015
dj_sombra
dj_sombra
Posts: 11
Hi Yasin,

Thanks for your answer.
What do yo mean for "Commercial Editions" ??

BRs
0 link
Admin
Admin
Administrator
Posts: 4622


30.10.2015
Admin
Admin
Administrator
Posts: 4622
TekRADIUS Enterprise and TekRADIUS SP. These are, actually, operating modes of TekRADIUS with a registration key. Registration keys can be bough at https://secure.kaplansoft.com/buy/ and I can also provide trial keys.
0 link
dj_sombra
dj_sombra
Posts: 11


30.10.2015
dj_sombra
dj_sombra
Posts: 11
Can you send me a trial key for test???
BRs
0 link
Admin
Admin
Administrator
Posts: 4622


31.10.2015
Admin
Admin
Administrator
Posts: 4622
Please send your system id displayed at Help / About menu of TekRADIUS Manager to info at tekradius.com
0 link
dj_sombra
dj_sombra
Posts: 11


2.11.2015
dj_sombra
dj_sombra
Posts: 11
System ID: AC088D16AF15

Thanks
0 link
Admin
Admin
Administrator
Posts: 4622


3.11.2015
Admin
Admin
Administrator
Posts: 4622
You will receive a trial key shortly.
0 link
dj_sombra
dj_sombra
Posts: 11


3.11.2015
dj_sombra
dj_sombra
Posts: 11
Ok, now y received trial key. How to work now¿?
0 link
Admin
Admin
Administrator
Posts: 4622


3.11.2015
Admin
Admin
Administrator
Posts: 4622
To use OTP authentication, the Authentication-Method attribute needs to be added to User or Group profiles with one of following values: OTP-MD4, OTP-MD5 or OTP-SHA1. The initial value of User-Password must be calculated using an OTP password generator.

The initial password must be generated by unchecking the ‘Six Words Output’ option in TekOTP for PAP authentication. It is necessary to use the six words form of OTP when implementing CHAP or MS-CHAP-v1/v2.
0 link
dj_sombra
dj_sombra
Posts: 11


3.11.2015
dj_sombra
dj_sombra
Posts: 11
Yes, ok, I readed the manual, but not work. The initial value of User-Password in Tek Radius or in application?
What value in the seed for TekOTP?
What value in the password for TekOTP?
What sequence number??

Thanks
0 link
Admin
Admin
Administrator
Posts: 4622


4.11.2015
Admin
Admin
Administrator
Posts: 4622
Enter a arbitrary seed, password in TekOTP. You can keep default sequence number and generate initial password. Generated password will be copied on to clipboard. Set generated password as User-Password in the user profile. You can use this password in your first login attempt. You need to increase sequence number in every successive authentication attempt .
0 link
dj_sombra
dj_sombra
Posts: 11


4.11.2015
dj_sombra
dj_sombra
Posts: 11
Ok, thats right, but dosen't work. When apply this steps with any Value of Authentication-Method (MD4-MD5 or SHA-1) dosen't work. But, if remove the authentication-method in TekRadius, its works.
0 link
Admin
Admin
Administrator
Posts: 4622


4.11.2015
Admin
Admin
Administrator
Posts: 4622
Hi,

Can you send TekRADIUS log entries (Accessible through File menu) after setting log level to debug at Settings / Service Parameters
for a OTP authentication attempt?

Best regards,

Yasin KAPLAN
0 link
dj_sombra
dj_sombra
Posts: 11


4.11.2015
dj_sombra
dj_sombra
Posts: 11
User-Name = PRUEBA

04.11.2015 09:44:43.078 - OTP authentication is not supported in freeware edition, sending Failure-Reply (Reject).

04.11.2015 09:44:43.078 - Authentication failed for user 'PRUEBA'

RadAuth req. from : 192.168.20.7:48002 [UDP] - 04.11.2015 09:46:23.031
Size : 46 / 46
Identifier : 94
Attributes

Not apply the trial key
0 link
Admin
Admin
Administrator
Posts: 4622


4.11.2015
Admin
Admin
Administrator
Posts: 4622
Have copied Registration.key file in to TekRADIUS application directory as instructed?
0 link
dj_sombra
dj_sombra
Posts: 11


4.11.2015
dj_sombra
dj_sombra
Posts: 11
uff... sorry, my ID is: AC088D16AF51
0 link
dj_sombra
dj_sombra
Posts: 11


4.11.2015
dj_sombra
dj_sombra
Posts: 11
User-Name = PRUEBA

04.11.2015 12:29:23.453 - Check items control for user 'PRUEBA' - Start (Group: Default).

04.11.2015 12:29:23.453 - Check items control for user 'PRUEBA' - Stop (Group: Default).

04.11.2015 12:29:23.468 - OTP authentication failed, sending Failure-Reply (Reject).

04.11.2015 12:29:23.468 - Authentication failed for user 'PRUEBA'

RadAuth req. from : 192.168.20.7:48002 [UDP] - 04.11.2015 12:31:13.328
Size : 46 / 46
Identifier : 107
Attributes :

User-Name = PRUEBA

04.11.2015 12:31:13.328 - Check items control for user 'PRUEBA' - Start (Group: HOLA).

04.11.2015 12:31:13.328 - Check items control for user 'PRUEBA' - Stop (Group: HOLA).

04.11.2015 12:31:13.328 - OTP authentication failed, sending Failure-Reply (Reject).

04.11.2015 12:31:13.328 - Authentication failed for user 'PRUEBA'
0 link
dj_sombra
dj_sombra
Posts: 11


4.11.2015
dj_sombra
dj_sombra
Posts: 11
User-Name = PRUEBA

04.11.2015 12:50:25.562 - Check items control for user 'PRUEBA' - Start (Group: HOLA).

04.11.2015 12:50:25.625 - Check items control for user 'PRUEBA' - Stop (Group: HOLA).

04.11.2015 12:50:25.625 - Authentication successfull for user 'PRUEBA'

04.11.2015 12:50:25.625 - Fetching Success-Reply items - Start.

04.11.2015 12:50:25.625 - Fetching Success-Reply items for user 'PRUEBA' - Stop.

Yeah..... in the application, the secuence number are incremented in one more and its works.
Thanks Yasin
0 link
Admin
Admin
Administrator
Posts: 4622


4.11.2015
Admin
Admin
Administrator
Posts: 4622
You welcome
0 link






Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software