Showing results for 
Search instead for 
Did you mean: 

YubiKey RADIUS Authentication for Oracle Database


I am protecting an Oracle Database through RADIUS authentication using the DUO Auth Proxy. Everything is working as expected using DUO push, or the 6 digit passcode. However, we now have a use case to use YubiKey and this seems to not work. Any thoughts and recommendation how I can get this factor to work? We tried generating a code by capturing it through a notepad/textpad, copying that YubiKey generated (very long alpha/numeric) code and using as the passcode. That did not work.

Thank you.

1 Reply 1

Cisco Employee
Cisco Employee

Is there an error message in either the online Authentication Log in the Admin Panel or in the Authentication Proxy’s local log that gives a reason for not accepting the YubiKey OTP?

You did import the YubiKey OTP token as a hardware token to assign to the user performing the test? If a user enrolls a YubiKey that supports both FIDO2 and OTP as a Duo WebAuthn security key it still needs to be imported separately for OTP use.

Does the effective authentication methods policy for the RADIUS application and given user permit use of hardware tokens?

If all those have been checked, is it possible the authenticating RADIUS device or application restricts the length of the user-password attribute (not RFC 2865 compliant) so it can’t accommodate the 44-char YubiKey OTP??

Duo, not DUO.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Quick Links