radotp

command module

v1.0.0 Latest Latest Go to latest Published: Dec 13, 2021 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

RadOTP is a Radius server that is designed for "SSL VPN" authentication with two-factor authentication mechanisms.

It has a built-in "LDAP client," and it can connect to Microsoft Active Directory.
main reason to use radOTP is its fantastic feature: two-factor authentication using One Time password "OTP."
users activity is exposed to Prometheus and Grafana for alerting and monitoring purposes.
It has a web interface to manage users.
interactive mode using radius Access-Challenge.
high availability, data saved in Postgres SQL. if you want HA, then make a Postgres cluster.
it works in three modes:
only_password: authenticate users against Active Directory or any LDAP/LDAPS server.

only_otp: authenticate users with OTP database only.

two_fa: two factors authenticate mode. AD password + OTP code.

Download RadOTP and install it by:

sudo install ./radotp /usr/local/bin/

if you want to run it as a service, you must make a new systemd serivce.

install PostgreSQL and configure it.
edit radotp.conf (radotp.conf can be in current directory or in /etc/radotp/) then start radotp (or radotp service):

radotp

in your browser, type IP_ADDRESS:8080 and use the admin/admin password to log in and manage users.
Then Download Google Authenticator and scan the QR code.
Config Cisco or Fortinet firewalls to use radOTP (Radius) as authentication source:
Fortigate
Cisco ASA

MIT

There is no documentation for this package.