OTP in FreeRADIUS

Abstract

One time passwords (OTP) are a very safe way to implement two factor authentication. So I looked for an easy possibility to use OTP in FreeRADIUS. I also wanted to use smart phone based OTP generators, since everybody has such a device nowadays. Finally I found a very nice combination of DroidOTP, motp and FreeRADIUS to do the job.

motp

The heart of the system is the motp program. It implements OTP generation in a similar way to what RFC 6238 describes. You can download the program from sourceforge. It is implemented as a simple shell script, otpverify.sh. You can copy the program to /usr/local/bin. The script needs write access to the /var/motp directory.

The web site describes the rest of the installation and test. The OTP verification script is called with 5 parameters:

# otpverify.sh username otp init-secret PIN offset

username and otp are the login of the user and the OTP that the client software generates. The init-secret is a 16 byte hex number that initializes your installation of the OTP process. The PIN is the password the user types to generate the OTP. offset is needed if there is a time difference between your FreeRADIUS server and the user's device. Normally this should not happen, since the time should be synchronized with ntp on both devices, so you use 0 for the offset.

The init secret for your setup can be created with

# dd if=/dev/random bs=1 count=16 | hexdump

This number should be really random.
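The mOTP algorithm behind otpverify.sh is simple: the token is the first 6 hex digits of MD5 over the Unix time in tens of seconds, the init-secret and the PIN. The following verifier is an added example, not the otpverify.sh script itself; it takes the same five parameters, searches an assumed window of plus or minus 3 minutes around the server clock, and keeps a replay cache so that the same OTP presented twice is rejected, which is the behaviour the radtest section below describes. The secret and PIN are constructed demo values.

```python
import hashlib
import hmac
import sys
import time

# Constructed demo values (not from the page): a 16-hex-digit init-secret
# and a 4-digit PIN, the formats DroidOTP and otpverify.sh work with.
SECRET = "0123456789abcdef"
PIN = "1234"
WINDOW = 180  # assumed tolerance of +/- 3 minutes around the server clock


def motp_token(secret: str, pin: str, epoch: int) -> str:
    """mOTP token: first 6 hex digits of MD5(epoch//10 || secret || PIN)."""
    step = str(epoch // 10)  # Unix time in tens of seconds
    return hashlib.md5((step + secret + pin).encode("ascii")).hexdigest()[:6]


class MotpVerifier:
    """Checks an OTP like otpverify.sh: username otp init-secret PIN offset."""

    def __init__(self, secret: str, window: int = WINDOW):
        self.secret = secret
        self.window = window
        self.used = {}  # (user, otp) -> time of first acceptance (replay cache)

    def verify(self, user: str, otp: str, pin: str, offset: int = 0, now=None) -> str:
        now = int(time.time()) if now is None else now
        otp = otp.lower()
        if len(otp) != 6 or any(c not in "0123456789abcdef" for c in otp):
            return "FAIL"
        # Forget cache entries that can no longer validate anyway.
        self.used = {k: t for k, t in self.used.items() if now - t < 2 * self.window}
        if (user, otp) in self.used:
            return "FAIL"  # same OTP presented twice: rejected even inside the window
        base = now + offset  # offset corrects a known clock skew of the device
        for delta in range(-self.window, self.window + 1, 10):
            if hmac.compare_digest(motp_token(self.secret, pin, base + delta), otp):
                self.used[(user, otp)] = now
                return "SUCCESS"
        return "FAIL"


if __name__ == "__main__":
    # Same calling convention as otpverify.sh: username otp init-secret PIN offset
    user, otp, secret, pin, offset = sys.argv[1:6]
    print(MotpVerifier(secret).verify(user, otp, pin, int(offset)))
```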

DroidOTP

The next step of the installation is the OTP generator on the smart phone. There are several apps that offer that functionality. I like DroidOTP most because it gives a clear user interface and also offers the possibility to use several profiles, i.e. profiles that use different init-secrets. So you can use this program to generate OTPs for different sites.

When you have installed the program you can add a profile by entering the init-secret. Your phone asks how to initialize the profile and offers shaking the phone to generate entropy, entering random numbers, or entering the init-secret from above manually. Since you want to have one secret across your site, use the last method.

This is also one drawback of the OTP system. If you tell the users this init-secret, the users can install the OTP generator on any device they want. To keep central control over the OTP devices, the initialization has to be done by the administrator, who therefore needs physical access to the devices.

After entering the 16 digit number DroidOTP offers the possibility to hide this secret from further visibility.

First Test

Now you can test the setup. Enter a four digit PIN at your DroidOTP. It will show you the calculated OTP. You can verify this by checking the output with the OTP script:

# otpverify.sh user otp init-secret pin offset

Here you can use any string for the user, the otp output from your smartphone, the init-secret that you used to initialize the profile, and the pin that you just entered to generate the OTP. The script should answer SUCCESS.

On the smartphone you can see a timeline showing how long this OTP is still valid. If you enter any of the parameters incorrectly, the script will answer FAIL.

Return Codes

The return codes of the otpverify.sh script are not directly usable with FreeRADIUS. The AAA server interprets the value 3, which the script returns if the user account is locked, as an ACCEPT. So you have to edit the script, find the line with the code

exit 3

and replace it with exit 13 or any other number higher than 10. Now the script is ready to answer questions.

FreeRADIUS

The last component in this setup is FreeRADIUS as the central AAA server. In a very simple setup you can add an entry in the users file that calls the script. A sample setup would be

<username>    Auth-Type = Accept
      Exec-Program-Wait = "/usr/local/bin/otpverify.sh %{User-Name} %{User-Password} <init-secret> <pin of the user> 0",
      Fall-Through = Yes,
      Reply-Message = "Hello, %{User-Name} authorized by OTP."

Please replace username, init-secret and the pin with the real values of your setup. Please also be sure that the FreeRADIUS user can execute the script and has write access to the script's cache directory.

Now you can test the RADIUS authentication with the radtest program:

# radtest user OTP radius-server 1 shared-radius-secret

Please be sure to replace the username, the radius-server and the shared-radius-secret with the values of your setup. Use the DroidOTP program to generate your OTP for the test. You should see an Access-Accept answer from the server. Entering any of the parameters wrong should result in an Access-Reject from the server. Entering the same OTP twice also returns an Access-Reject, even if you enter it within the valid time span. Basically this is the meaning of a One Time Password.

Integration

The real integration of the setup into FreeRADIUS, scaling to several hundred users, is left to the reader as an exercise. Hint: this is done via a DEFAULT entry in the users file. There are several sites on the internet describing this task.

Michael Schwartzkopff, 16. March 2013