[strongSwan] 2 factor in mac os x with native ikev2
karthik kumar
kumarkarthikn at gmail.com
Sun Mar 4 12:23:14 CET 2018
Hi,
Is it possible to do two factor authentication with Mac OS X's IKEv2
native client ? As far as I searched,
a) with strongswan client in osx its possible with eap-gtc and pam + oath
but native client leftauth is always eap-mschapv2 (also confirmed here
<https://wiki.strongswan.org/projects/strongswan/wiki/AppleIKEv2Profile#Authentication-options>
)
b) as per this mail
<https://lists.strongswan.org/pipermail/users/2012-March/002656.html> its
not possible to combine mschapv2 with pam.
c) as per this explanation
<http://lists.freeradius.org/pipermail/freeradius-users/2016-June/083723.html>
the
problem that needs to be solved is *HASH( pw+otp) != HASH(pw) + HASH (otp).
*I am not sure it can be done with strongswan
question:
a) on the server is there a way we can do two factor auth with eap-mschapv2
?
or
b) on the osx native client is there a way we can use eap-gtc with native
client ?
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180304/06d5c97c/attachment.html>
More information about the Users
mailing list