Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
865
Views
0
Helpful
1
Replies

YubiKey RADIUS Authentication for Oracle Database

amiguel
Level 1
Level 1

‎02-02-2023 11:10 AM

I am protecting an Oracle Database through RADIUS authentication using the DUO Auth Proxy. Everything is working as expected using DUO push, or the 6 digit passcode. However, we now have a use case to use YubiKey and this seems to not work. Any thoughts and recommendation how I can get this factor to work? We tried generating a code by capturing it through a notepad/textpad, copying that YubiKey generated (very long alpha/numeric) code and using as the passcode. That did not work.

Thank you.
Aurelio

Labels:
0 Helpful
1 Reply 1

DuoKristina
Cisco Employee
Cisco Employee

‎02-06-2023 02:34 PM

Is there an error message in either the online Authentication Log in the Admin Panel or in the Authentication Proxy’s local log that gives a reason for not accepting the YubiKey OTP?

You did import the YubiKey OTP token as a hardware token to assign to the user performing the test? If a user enrolls a YubiKey that supports both FIDO2 and OTP as a Duo WebAuthn security key it still needs to be imported separately for OTP use.

Does the effective authentication methods policy for the RADIUS application and given user permit use of hardware tokens?

If all those have been checked, is it possible the authenticating RADIUS device or application restricts the length of the user-password attribute (not RFC 2865 compliant) so it can’t accommodate the 44-char YubiKey OTP??

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents