multiotp icon indicating copy to clipboard operation
multiotp copied to clipboard

Published 20 hours ago verified publisher icon multiOTP

Bug : MS-CHAP-v2 / ntmlv1/ntmlv2

Open jurgele opened this issue 6 years ago • 5 comments

Hello,

I'm trying to setup multiOTP 5.4.1.6 (PHP version 5.6.27) and FreeRADIUS 2.2.5 with OTP only (no PIN) and MS-CHAP-v2. I downloaded the multiOTP Hyper-V image and upgraded the multiOTP. The setup works with PAP, CHAP and MS-CHAP but does not work with MS-CHAP-v2. I receive ERROR: Authentication failed (and other possible unknown errors).

I ask kindly for some directions on how to investigate the cause of error.

Kind regards,

Gregor

jurgele avatar Aug 08 '19 08:08 jurgele

Hello, we will look into this in the next few days. Have a great day. Yann

multiOTP avatar Aug 22 '19 12:08 multiOTP

Hello, This is an old issue now. Could you confirm that MS-CHAPv2 is now working for you, at least with the last version 5.8.1.9 ? Regards,

multiOTP avatar Mar 27 '21 12:03 multiOTP

Posting to this issue as it seems that something is going completely wrong with the mschapv2 challenge and response generation with multiotp for otp verification. My guess is, looking at the code at CalculateMsChap2Response, that multiotp is doing ntlmv1 hashes for mschapv2 when literally everything on the planet does ntlmv2 these days and ntlmv1 is completely disabled.

zapotah avatar Dec 08 '21 07:12 zapotah

Hello, Thanks a lot for the info. We are planning on looking at this in January 2022. Best regards.

multiOTP avatar Dec 09 '21 13:12 multiOTP