[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] openVPN + OTP


  • Subject: Re: [Openvpn-users] openVPN + OTP
  • From: "Caleb Pal" <m1009@xxxxxxxxxxxx>
  • Date: Thu, 28 Jun 2007 16:25:41 -0600

Hello,

I have SecurID + openvpn working with the PAM module. You must have the ACE 
server setup, and define your agent hosts (clients that can access the Ace 
server, such as localhost, or another machine on your LAN. Install the 
authentication client software on all machines that will auth against 
SecurID/PAM. Add your users and tokens to the Ace server, and activate the 
users on the agent hosts that you want them to be able to auth from. The 
newest pam module did not work with my version of Debian Linux, I ended up 
using an older version of the pam module, 5.3.4 IIRC. If you do not want to 
auth with PAM, use radius. I never did have any luck with RSA's Radius 
Server on debian, but then again, none of the software, including the Ace 
Server, is meant to run on debian. Thats basically how it is done, there are 
many parts that I didn't cover that you will need to read into. The SecurID 
docs cover it fairly well.

Caleb 


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users