EAP-OTP support
Jouni Malinen
j at w1.fi
Wed Apr 4 02:06:21 PDT 2018
On Tue, Apr 03, 2018 at 04:11:36PM -0700, James Prestwood wrote:
> I am wondering if hostapd supports EAP-OTP. I see code in
> wpa_supplicant for it, but nothing in hostapd. I am trying to test EAP-
> OTP with PEAP and have a user file:
>
> # Phase 1 users
> * PEAP [ver=1]
> # Phase 2
> "secure at identity.com" OTP "testpasswd" [2]
>
> Running with this file I get:
>
> Unsupported EAP type 'OTP' on line 4 in '/tmp/eap-user-peap-otp.text'
No, there is no support for EAP-OTP in hostapd EAP server. The EAP
method itself would be trivial to add, but the main reason for not
having added that is in the password configuration or a lack of any
convenient mechanism to interface with dynamic password generation. A
fixed password in the EAP user database is not exactly the model in
which OTP is supposed to be used.
Do you have a specific use case in mind for EAP-OTP?
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list