PHP Classes

File: raspberry/how-to-build-a-raspberry-strong-authentication-server.txt

Recommend this page to a friend!
  Classes of André Liechti  >  multiOTP PHP class  >  raspberry/how-to-build-a-raspberry-strong-authentication-server.txt  >  Download  
File: raspberry/how-to-build-a-raspberry-strong-authentication-server.txt
Role: Documentation
Content type: text/plain
Description: Documentation
Class: multiOTP PHP class
Authenticate and manage OTP strong user tokens
Author: By
Last change:
Date: 4 months ago
Size: 3,526 bytes


Class file image Download
How to build a Raspberry Pi RADIUS strong two factors authentication server in some easy steps ?

(c) 2010-2022 SysCo systemes de communication sa

Current build: (2022-05-08)

Supported Raspberry Pi hardware: 1B/1B+/2B/3B/3B+/4B

0) If you want to download a multiOTP Raspberry Pi image ready to use, follow this URL:
   Nano-computer name: multiotp
   IP address: (netmask:, default gateway:
   Username: pi
   Password: raspberry
   You can now flash the SD Card (check point 3) and 4) if needed), put the SD Card
   into the Raspberry Pi and boot it. You can go directly to point 15)
1) If you want to use a battery backed up Real Time Clock, install it now in your
   Raspberry Pi, the drivers for these models are included in the package:
2) Download the last image of Raspbian Lite to be flashed (currently

3) Format your SD Card using the SD Card Association’s formatting tool

4) Flash the raw image using the universal Windows/macOS/Linux Etcher from Balena:
   or Win32DiskImager for Windows:
   or the dd UNIX tool
   This should take about 10 minutes.

5) Copy all files from multiotp/raspberry/boot-part to the root of the SD Card
   (it could overwrite some files like config.txt, were we have already enabled the I2C)

6) When copy is done, eject the SD Card

7) Connect the Raspberry Pi to the local network

8) Put the SD card into the Raspberry Pi and boot it

9) Login directly on your Raspberry Pi, or using SSH, with the default username "pi" and the password "raspberry"

10) Launch the initial configuration by typing sudo raspi-config

11) Choose the following options
    1) Change User Password
    2) Network options
       N1) N1 Hostname (change the hostname to your favorite name, for example "multiotp")
    4) Localization Options (if needed)
    7) Advanced Options
       A1) Expand Filesystem

12) Select Finish and answer "<Yes>" to reboot, or type "sudo reboot"

13) Login again directly (after about 30 seconds) on your Raspberry Pi, or using SSH, with the default username "pi" and your new password

14) Type "sudo /boot/"
    Everything is done automatically (it will take about 35 minutes) and the Raspberry Pi will reboot automatically at the end

15) The fixed IP address is set to, with a default gateway at
    To adapt the network configuration, edit the file /etc/network/interfaces

16) Congratulations! You have now an open source and fully OATH compliant
    strong two factors authentication server!
    Surf on http(s):// to use the basic interface (admin / 1234)

17) The default radius secret is set to myfirstpass for the subnet
    To adapt the freeradius configuration, edit the file /etc/freeradius/clients.conf.

For more information send a message to info at phpclasses dot org.