HP-UX AAA Server A.08.00.01 Administrator's Guide

Notes:
1. The HP-UX AAA Server supports only the token information that is stored in the
   SQL database.
2. The HP-UX AAA Server supports only the following EAP authentication methods
   for OTP authentication:
      PEAP (EAP-GTC)
      TTLS (PAP and MS-CHAP v2)

IMPORTANT NOTES:
After using the sample reference implementation and before deploying your
implementation in a production environment, you must change the default
passwords for the database user and the test user, and the shared secret of the
test user.

If the shared secret provided by the token vendor is in ASCII format, edit the
/etc/opt/aaa/sqlaccess.config file and change the following entry in the
RetrieveUserAndToken SQL action:

   DBC(RAD_TOKENS_TABLE.shared_secret, 128, CHAR) FUNC(AAASetConvertedHexToBinaryString)

to

   DBC(RAD_TOKENS_TABLE.shared_secret, 128, CHAR) RAD(Otp-Shared-Secret, REPLY)

Then reload the configuration changes.

If you are using the RetrieveToken SQL action, change the following entry:

   DBC(shared_secret, 128, CHAR) FUNC(AAASetConvertedHexToBinaryString)

to

   DBC(shared_secret, 128, CHAR) RAD(Otp-Shared-Secret, REPLY)

Then reload the configuration changes.
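Added example (not part of the HP guide or the AAA Server code): a Python check that tells you which of the two mappings above a vendor secret needs, by computing the OTP under both the hex and the ASCII reading and comparing it with the code the token displays. It assumes an event-based OATH token (HOTP, RFC 4226, 6 digits) and that the hex conversion simply decodes the hex string to bytes; the function names are hypothetical and the sample secret is the public RFC 4226 test vector.

```python
import hashlib
import hmac
import struct

# Public RFC 4226 test secret, shown in both storage forms (sample data).
SECRET_ASCII = "12345678901234567890"
SECRET_HEX = "3132333435363738393031323334353637383930"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte counter, then truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def candidate_keys(stored: str) -> dict:
    """Key bytes under each possible reading of the shared_secret column."""
    keys = {"ascii": stored.encode("ascii")}
    try:
        # Assumed behaviour of the hex-to-binary conversion: plain hex decode.
        keys["hex"] = bytes.fromhex(stored)
    except ValueError:
        pass  # odd length or non-hex characters: cannot be a hex secret
    return keys


def detect_format(stored: str, observed_otp: str, counter: int) -> list:
    """Readings of the stored secret that reproduce the token's OTP."""
    return [name for name, key in candidate_keys(stored).items()
            if hmac.compare_digest(hotp(key, counter), observed_otp)]


if __name__ == "__main__":
    # An all-digit secret is also valid hex, so inspection alone is ambiguous;
    # only the computed OTP shows which mapping sqlaccess.config needs.
    print(sorted(candidate_keys(SECRET_ASCII)))
    print(detect_format(SECRET_ASCII, "755224", 0))
    print(detect_format(SECRET_HEX, "755224", 0))
```

A result of `ascii` means the RAD(Otp-Shared-Secret, REPLY) mapping applies; `hex` means the default FUNC(AAASetConvertedHexToBinaryString) entry should stay.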
180 OATH Standards-Based OTP Authentication