[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL OTP?
Emmanuel Dreyfus <manu@netbsd.org> wrote:
> The cmusaslsecretOTP attribute does not seems to be used at all. I used
> a schema from draft-melnikov-sasl-auxprop-attrs-00.txt, is that wrong?
I found the problem: the authz-regex rule was bad: there is no realm for
OTP. This imprves the situation a lot, and cmusaslsecretOTP is used:
authz-regexp uid=([^,]*),cn=otp,cn=auth ldap:///o=home?sub?(uid=$1)
$ ldapsearch -Y OTP -U user uid=user
SASL/OTP authentication started
Challenge: otp-md5 498 bo8615 ext
Next stage is to actually use it: setting cmusaslsecretOTP properly and
validating the OTP.
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org
- References:
- SASL OTP?
- From: manu@netbsd.org (Emmanuel Dreyfus)