privacyidea / FreeRADIUS

Add two factor authentication to FreeRADIUS via privacyIDEA
GNU General Public License v2.0

WebAuthn support #62

Open hex-m opened 1 year ago

hex-m commented 1 year ago

Is it possible to support WebAuthn via RADIUS?

From my understanding this may be hard - similar to push tokens where @cornelinux mentioned:

The problem is that the out of band auth with push can not work well with a protocol like RADIUS.

EchedelleLR commented 1 month ago

If that is the case, how is it that YubiKey is supported in FreeRADIUS using PAM as a backend?

https://developers.yubico.com/yubico-pam/YubiKey_and_FreeRADIUS_via_PAM.html

Would it not be possible to use FreeRADIUS PAM authentication and implement privacyIDEA support through its PAM plugin to provide FreeRADIUS with WebAuthn support?

hex-m commented 1 month ago

From your link:

Two-factor legacy Username + password + YubiKey OTP authentication for RADIUS server

YubiKey devices support protocols other than FIDO2/WebAuthn.

EchedelleLR commented 1 month ago

In my case, I am only interested in WebAuthn since I use SoloKeys.

Edit: Okay, now I see what you are saying.

But if PI already supports PAM with FIDO and FreeRADIUS supports using a PAM module, would it not be possible?

nilsbehlen commented 1 month ago

Hi, our PAM does not currently support FIDO2. However, it can easily be implemented; it is just a matter of having the time. If FreeRADIUS could use the PAM module, that would be great and maybe a reason to implement FIDO2 sooner. Do you know of any PAM module or combination that makes FIDO2 work with FreeRADIUS?