command
module
Version:
v1.0.0
Opens a new window with list of versions in this module.
Published: Dec 13, 2021
License: MIT
Opens a new window with license information.
Imports: 6
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
README
¶
RadOTP
About The Project
RadOTP is a Radius server that is designed for "SSL VPN" authentication with two-factor authentication mechanisms.
-
It has a built-in "LDAP client," and it can connect to Microsoft Active Directory.
-
main reason to use radOTP is its fantastic feature: two-factor authentication using One Time password "OTP."
-
users activity is exposed to Prometheus and Grafana for alerting and monitoring purposes.
-
It has a web interface to manage users.
-
interactive mode using radius Access-Challenge.
-
high availability, data saved in Postgres SQL. if you want HA, then make a Postgres cluster.
-
it works in three modes:
only_password: authenticate users against Active Directory or any LDAP/LDAPS server.
only_otp: authenticate users with OTP database only.
two_fa: two factors authenticate mode. AD password + OTP code.
How to Install
Download RadOTP and install it by:
sudo install ./radotp /usr/local/bin/
if you want to run it as a service, you must make a new systemd serivce.
How to Use it:
- install PostgreSQL and configure it.
- edit radotp.conf (radotp.conf can be in current directory or in /etc/radotp/) then start radotp (or radotp service):
radotp
-
in your browser, type IP_ADDRESS:8080 and use the admin/admin password to log in and manage users.
-
Then Download Google Authenticator and scan the QR code.
-
Config Cisco or Fortinet firewalls to use radOTP (Radius) as authentication source:
Fortigate
Cisco ASA
License
MIT
Documentation
¶
There is no documentation for this package.
Source Files
¶
Directories
¶
pkgs
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Click to show internal directories.
Click to hide internal directories.