HP-UX AAA Server A.07.01 Administrator's Guide

Notes:
1. The HP-UX AAA Server supports only the token information that is stored in the
   SQL database.
2. The HP-UX AAA Server supports only the following EAP authentication methods
   for OTP authentication:
       PEAP (EAP-GTC)
       TTLS (PAP)

IMPORTANT NOTES:
After using the sample reference implementation and before deploying your
implementation in a production environment, you must change the default
passwords for the database user and the test user, and the shared secret of
the test user.

If the shared secret provided by the token vendor is in hexadecimal format, edit
the /etc/opt/aaa/sqlaccess.config file to change the following entry in
the RetrieveUserAndToken SQL action:

    DBC(RAD_TOKENS_TABLE.shared_secret, 128, CHAR) RAD(Otp-Shared-Secret, REPLY)

to

    DBC(RAD_TOKENS_TABLE.shared_secret, 128, CHAR) FUNC(AAASetConvertedHexToBinaryString)

and reload the configuration changes.

If you are using the RetrieveToken SQL action, change the following entry:

    DBC(shared_secret, 128, CHAR) RAD(Otp-Shared-Secret, REPLY)

to

    DBC(shared_secret, 128, CHAR) FUNC(AAASetConvertedHexToBinaryString)

and reload the configuration changes.
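
Why the hexadecimal case needs a conversion step, shown as an added example (not code from this guide or from the HP-UX AAA Server): an OATH HOTP value (RFC 4226) computed over the decoded key bytes differs from one computed over the hex text itself. The example assumes HOTP as the OATH algorithm and that the conversion decodes hex digits to raw bytes, as the function name suggests; key_from_column and the sample secret are constructed for illustration.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def key_from_column(value: str, is_hex: bool) -> bytes:
    """Hypothetical helper: turn a stored shared_secret value into HMAC key bytes."""
    value = value.strip()
    if not is_hex:
        # Value is used as-is, character for character.
        return value.encode("ascii")
    try:
        return bytes.fromhex(value)
    except ValueError as exc:
        raise ValueError("shared secret is not valid hexadecimal") from exc


# Constructed sample: the RFC 4226 Appendix D test secret
# "12345678901234567890", written the way a vendor would deliver it in hex.
VENDOR_HEX_SECRET = "3132333435363738393031323334353637383930"


def otp_series(is_hex: bool, count: int = 10) -> list:
    """OTP values for counters 0..count-1 with or without hex decoding."""
    key = key_from_column(VENDOR_HEX_SECRET, is_hex)
    return [hotp(key, c) for c in range(count)]


if __name__ == "__main__":
    decoded = otp_series(is_hex=True)
    as_text = otp_series(is_hex=False)
    print("counter  hex decoded  hex used as text")
    for c, (good, bad) in enumerate(zip(decoded, as_text)):
        print(f"{c:7d}  {good:>11}  {bad:>16}")
    # The token computes over the decoded bytes, so only the first column
    # matches what the user types in.
```
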
166 OATH Standards-Based OTP Authentication