<br>I am not speaking about secret key between Radius and NAS. I am speaking about key material derived at the end of EAP Method. how to send it to the NAS ?<br><br>Anyway, Thanks for the answer.<br><br>Ashola<br><br><b><i>Arran Cudbard-Bell <A.Cudbard-Bell@sussex.ac.uk></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> ashola ashola wrote:<br>> Hi,<br>> <br>> How can we transmit a key from FreeRadius to the NAS (Access Point) ?<br>> <br>> <br>> Ashola<br>> <br>> Get the Yahoo! toolbar and be alerted to new email <br>> <http: us.rd.yahoo.com="" evt="48225/*http://new.toolbar.yahoo.com/toolbar/features/mail/index.php">wherever <br>> you're surfing.<br>> <br>> <br>> ------------------------------------------------------------------------<br>> <br>> - <br>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html<br><br>By
the magic of ssh / snmp / web interface.<br><br>i.e you can't.<br><br><br>Store all your nases in an SQL database and load them into FreeRADIUS <br>using Rlm_SQL.<br><br>You can populate the secrets using this SQL query (if using MySQL)<br><br>UPDATE `nas` SET nas.secret = <br>substr(md5(concat(RAND(),nas.nasname)),1,31) WHERE master.secret = ""<br><br>See here for default schema<br>http://wiki.freeradius.org/MySQL_DDL_script<br><br>Then write a script to pull the secret out of SQL and write it to the <br>NAS using SNMP.<br><br>||<br><br>Write a script to open ssh shell sessions to your APs and write the <br>secret to them using ssh.<br><br>||<br><br>I've got some very basic PHP classes which I wrote and use , though <br>you'll need the ssh2 extension compiled in. And you'll have to modify <br>some of the SQL queries.<br><br>||<br><br>If anyone has any scripts in other languages they would like to donate...<br><br>||<br><br>If you really have nothing better to do you can
do them all by hand :)<br><br>We have ~ 500 switches and my scripts seem to do them fine, though they <br>don't work with ssh v1 only v2 , so I have to do the hundred or so <br>HP2524s by hand *ick*.<br><br>Damn you HP for not supporting SNMP setting of shared secrets :(<br>-- <br>Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk)<br>Authentication, Authorisation and Accounting Officer<br>Infrastructure Services | ENG1 E1-1-08<br>University Of Sussex, Brighton<br>EXT:01273 873900 | INT: 3900<br>- <br>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html<br></http:></blockquote><br><p>
<hr size=1>Building a website is a piece of cake. <br>Yahoo! Small Business gives you <a href="http://us.rd.yahoo.com/evt=48251/*http://smallbusiness.yahoo.com/webhosting/?p=PASSPORTPLUS">all the tools to get online.</a>