Hi,
at the moment we’re using a https-Wrapper-Service in our firewall-appliance to manage restricted access to some of our websites. For two factor authentication we’re using privacyIDEA as radius server. Most of our users/employees are using for one time password generation the "Google Authenticator" App. Some are using "Feitian C-200" (but I do not like the C-200, because I do not know how to program a new seed by myself). Both generators are based on the quite simple TOTP Algorithm (
https://tools.ietf.org/html/rfc6238). The https-password is a combination of a fixed password directly followed by the TOTP password.
Because we want to change the firewall-appliance, we have to find a new solution. Is it possible (or is it a planned feature for the near future) to handle authentication in stunnel with radius? Or even better/simpler, is TOTP supported by stunnel? I wasn't able to find anything like this in the documentation.
Regards,
Martin