RE: x99 token authentication

Yes. Their demo tokens *are* software tokens. You must install the EUS
to be able to enter your PIN associated with their tokens and obtain a
OTP from the token. You can then enter the OTP as your password in
response to the challenge from the RADIUS server. Some applications
also have plugins (e.g. a GINA module and a Cisco VPN3000 plugin that
allow you to simply enter your PIN and the OTP is automatically returned
to the authentication server) but most don't.

Rgds,

Guy

> -----Original Message-----
> From: freeradius-users-admin@lists.freeradius.org=20
> [mailto:freeradius-users-admin@lists.freeradius.org] On=20
> Behalf Of Maqbool Hashim
> Sent: 19 May 2005 17:16
> To: freeradius-users@lists.freeradius.org
> Subject: Re: x99 token authentication
>=20
>=20
> Thanks. Is there no way that you can get away from installing their=20
> software? I suppose you have to install the software if you want to=20
> initialize the tokens, right?
>=20
> Guy Davies wrote:
>=20
> >Hi Maqbool,
> >
> >It's easier to use PAP and simply proxy the requests to the (very
> >trivial) RADIUS frontend on the CRYPTOCard server. I've got that=20
> >working with EAP-TTLS/PAP. The inner PAP auth carries the=20
> username/otp=20
> >generated from the CRYPTOCard EUS.
> >
> >Rgds,
> >
> >Guy
> >
> > =20
> >
> >>-----Original Message-----
> >>From: freeradius-users-admin@lists.freeradius.org
> >>[mailto:freeradius-users-admin@lists.freeradius.org] On=20
> >>Behalf Of Maqbool Hashim
> >>Sent: 19 May 2005 16:57
> >>To: freeradius-users@lists.freeradius.org
> >>Subject: x99 token authentication
> >>
> >>
> >>Hi,
> >>
> >>I have downloaded a trial version of the Cryptocard=20
> software from the
> >>website. This comes with 10 software tokens. I am trying to=20
> >>get these=20
> >>tokens to work with the x99 module in freeradius.
> >>
> >>Anyone have any ideas on how to extract the key for the Software
> >>tokens? The cryptocard software generates a .token file. I=20
> >>think the=20
> >>key is stored in here in an encrypted format. Has anyone=20
> managed to=20
> >>reverse engineer the file, or know another way of getting the key?
> >>
> >>
> >>Thanks in advance
> >>
> >>Regards,
> >>
> >>Maqbool
> >>
> >>-
> >>List info/subscribe/unsubscribe? See=20
> >>http://www.freeradius.org/list/users.html
> >>
> >> =20
> >>
> >
> >This e-mail is private and may be confidential and is for=20
> the intended=20
> >recipient only. If misdirected, please notify us by=20
> telephone and confirm that it has been deleted from your=20
> system and any copies destroyed. If you are not the intended=20
> recipient you are strictly prohibited from using, printing,=20
> copying, distributing or disseminating this e-mail or any=20
> information contained in it. We use reasonable endeavours to=20
> virus scan all e-mails leaving the Company but no warranty is=20
> given that this e-mail and any attachments are virus free. =20
> You should undertake your own virus checking. The right to=20
> monitor e-mail communications through our network is reserved by us.
> >
> >
> >
> >-
> >List info/subscribe/unsubscribe? See=20
> http://www.freeradius.org/list/users.html
> > =20
> >
>=20
>=20
> -=20
> List info/subscribe/unsubscribe? See=20
> http://www.freeradius.org/list/users.html
>=20

This e-mail is private and may be confidential and is for the intended =
recipient only. If misdirected, please notify us by telephone and =
confirm that it has been deleted from your system and any copies =
destroyed. If you are not the intended recipient you are strictly =
prohibited from using, printing, copying, distributing or disseminating =
this e-mail or any information contained in it. We use reasonable =
endeavours to virus scan all e-mails leaving the Company but no warranty =
is given that this e-mail and any attachments are virus free. You =
should undertake your own virus checking. The right to monitor e-mail =
communications through our network is reserved by us.=20



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html