You can view which tokens are assigned to each user from the Users/Groups tab of a GreenRADIUS domain or you can view which users are assigned to which tokens on the List Tokens screen.
Programmed YubiKeys (whether programmed in traditional Yubico OTP mode or OATH-HOTP mode) have secrets associated with each YubiKey. These secrets files must be imported into GreenRADIUS before the YubiKeys can be used.
Secrets can be imported under the Import Secrets tab:
You must select the correct format option depending on which token type you are
importing. If importing Yubikey OTP secrets, select the
Cross-Platform option. If importing
OATH token secrets, select
Import OATH Tokens.
Once you have chosen a file format, you will be prompted to select the file containing the secrets.
You can view all locally saved tokens in the List Tokens tab. This tab displays every token saved in the GreenRADIUS database (this does not include pre-programmed Yubikeys, as their secrets are stored in the YubiCloud). It also lists the user assigned to each token andthe user's domain.
There are several ways to assign tokens to users in GreenRADIUS:
Auto Provisioning, described in the previous section, enables users to simply log in with a YubiKey and have it auto-assigned. This is the simplest way to assign YubiKeys (whether OTP or OATH).
The Self-Service Portal allows users to add tokens to themselves manually. It is
https://<ip address of GRVA>/. From the Self-Service Portal, users
register YubiKeys or Google Authenticator (or similar soft tokens) by scanning a displayed QR
code with their phone.
The GreenRADIUS administrator can manually assign tokens to users from the web admin console in either the List Tokens tab or in the Users/Groups tab of the GreenRADIUS domain.
You will need to enter the user's name in the canonical
Some other methods have their own ways of assigning tokens. U2F tokens are automatically assigned as part of the login process with our 2FA for Windows Logon solution. Our "Green Rocket 2FA" mobile apps have a simple registration process.
© 2020 Green Rocket Security Inc. All rights reserved.