<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p><font face="Carlito">No, neither HOTP works...</font><br>
</p>
<br>
<div class="moz-cite-prefix">Op 07-06-16 om 17:09 schreef Prashant
Bapat:<br>
</div>
<blockquote
cite="mid:CAN9aUrgG2koTFDvhvSRx18QxBCBZNo00qoG4ao2Q8vmuDDwVuw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default" style="font-family:trebuchet
ms,sans-serif">Do HOTP tokens work fine ?</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 7 June 2016 at 20:37, Winfried de
Heiden <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:wdh@dds.nl" target="_blank">wdh@dds.nl</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p><font face="Carlito">Hi all,</font></p>
<p><font face="Carlito"><br>
</font></p>
<p><font face="Carlito">Yes I check that one also. The
IPA-server is running ntp and is is sync. The FreeOTP
app is running on my phone which is synced by network,
all looks fine....</font></p>
<p><font face="Carlito"><br>
Forgot to mention; this IPA-server is running on
Fedora ARM on a Bananapi. non-otp logins go well.</font></p>
<p><font face="Carlito"><br>
</font></p>
<p><font face="Carlito">Winny<br>
</font></p>
<p><font face="Carlito"><br>
</font></p>
<p><br>
</p>
<br>
<div>Op 07-06-16 om 16:56 schreef Prashant Bapat:<br>
</div>
<div>
<div class="h5">
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_default">If this is TOTP (time
based) you want to double check the time is
properly set in both the server (NTP) and the
device that is generating the OTP tokens. I have
had issues with this with my users couple of
times. </div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 7 June 2016 at 19:43,
Alexander Bokovoy <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:abokovoy@redhat.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:abokovoy@redhat.com">abokovoy@redhat.com</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex"><span>On Tue, 07 Jun
2016, Winfried de Heiden wrote:<br>
</span>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex"> Hi all,<span><br>
I tried the FreeIPA webUI, ssh and "su -
otpuser", all the same result.<br>
</span></blockquote>
Ok.<span><br>
<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex"> Jun
07 14:44:37 ipa.blabla.bla
krb5kdc[5887](info): AS_REQ<br>
(6 etypes {18 17 16<br>
23 25 26}) <a
moz-do-not-send="true"
href="http://192.168.1.251"
rel="noreferrer" target="_blank">192.168.1.251</a>:
NEEDED_PREAUTH:<br>
<a moz-do-not-send="true"
href="mailto:otpuser@BLABLA.BLA"
target="_blank">otpuser@BLABLA.BLA</a>
for krbtgt/<br>
<a moz-do-not-send="true"
href="mailto:BLABLA.BLA@BLABLA.BLA"
target="_blank">BLABLA.BLA@BLABLA.BLA</a>,
Additional pre-authentication<br>
required<br>
Jun 07 14:44:37 ipa.blabla.bla
krb5kdc[5887](info): closing<br>
down fd 12<br>
Jun 07 14:44:42 ipa.blabla.bla
krb5kdc[5888](info): preauth<br>
(otp) verify<br>
failure: Connection timed out<br>
<br>
I just cannot figure out what's
going wrong. What is trying<br>
to connect to<br>
causing this timeout? (yep, I
disabled firewalld for<br>
this...)<br>
</blockquote>
</span> What is the output of systemctl
status ipa-otpd.socket<br>
?<br>
<br>
if it is disabled, do<br>
<br>
systemctl enable ipa-otpd.socket<br>
systemctl start ipa-otpd.socket
<div>
<div><br>
<br>
-- <br>
/ Alexander Bokovoy<br>
<br>
-- <br>
Manage your subscription for the
Freeipa-users mailing list:<br>
<a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go to <a moz-do-not-send="true"
href="http://freeipa.org"
rel="noreferrer" target="_blank">http://freeipa.org</a>
for more info on the project<br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>