"WPA keys" that expires after use

tnt at kalik.co.yu tnt at kalik.co.yu
Sun Jul 29 20:51:33 CEST 2007


If you want to expire passwords set Expiration attribute using exec or
perl modules at first login. Deleting users and expired passwords
hasn't got much to do with radius. Delete them the same way you created
them.

Ivan Kalik
Kalik Informatika ISP


Dana 29/7/2007, "Ferdo Piš" <ferd0pis at yahoo.com> piše:

>I didn't mean the real WPA key (that's why I put them in brackets). I wanted a key (a pass of some predefined user) in radius server. And the user in raduis server is deleted X hours after it's first login.
>
>Is this possible, or am I missing the point completely?
>
>Ferd0
>
>----- Original Message ----
>From: "A.L.M.Buxey at lboro.ac.uk" <A.L.M.Buxey at lboro.ac.uk>
>To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
>Sent: Sunday, July 29, 2007 5:46:00 PM
>Subject: Re: "WPA keys" that expires after use
>
>Hi,
>
>> The idea is, that the router does the authentication via radius server, which stores predefined "WPA keys". When user uses one of them to access the network, the "WPA key" is activated. After specified period of time, radius server automatically deactivates the WPA key and disconnects user.
>
>err, if the WPA key only becomes active AFTER they've reached the RADIUS server - then HOW are they to connect
>to the wireless in the first place - as the WPA key is required for the layer 2 link to come alive(!)
>
>AAA would be able to give you this 'very low level' type of authentication. what you COULD do
>with AAA is to use SSL certs....eg EAP-PEAP/EAP-TLS with WPA-enterprise. and then once the
>cert has been used, expire it.  alternatively use WPA as you are currently doing but enforce
>another control method to get online - such as a SOCKS5 proxy.
>
>alan
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>
>
>
>
>____________________________________________________________________________________
>Be a better Heartthrob. Get better relationship answers from someone who knows. Yahoo! Answers - Check it out.
>http://answers.yahoo.com/dir/?link=list&sid=396545433
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list