EAP-TTLS/EAP-TLS with freeRADIUS
sven at svenhartge.de
Sun Nov 27 01:23:08 CET 2011
Mr Dash Four <mr.dash.four at googlemail.com> wrote:
>>> In other words, EAP-TTLS/EAP-TLS isn't actually supported in
>> It is. I believe you misunderstood how RADIUS works.
> Maybe, considering I've been reading about RADIUS for just over 2 days...
>> The connection between the AP (called NAS in RADIUS) and the
>> RADIUS-Server is only protected by the shared secret configured in
>> Yes, this is kind of weak.
> It is *very* weak, not least because connections can be intercepted as,
> I presume is the case here, this "shared secret" is transmitted in the
> clear over the wire. If that is not the case and it is hashed, then,
> that's another story.
No, the shared secret is not transmitted over the wire.
For additinal information see RFC2865, §2:
"When a password is present, it is hidden using a method based on the
RSA Message Digest Algorithm MD5. (see RFC131).
>> And because of this weakness a protocol like RADsec has been
>> developed, which is essentially RADIUS-with-SSL-over-TCP, thus
>> providing strong encryption of the whole RADIUS session.
> Interesting, noted. It would be nice if this works in a similar way as
> the SSL handshake works - this is very secure, tested and already
> established in the real world.
RadSec works this way, yes. Think of it like HTTPS for RADIUS.
>> Back to EAP-(T)TLS:
>> The connection between a connecting device such as a laptop, which
>> connects to a NAS, can be secured via EAP-(T)TLS, which is a protocol
>> transported via RADIUS packets.
>> This of course is supported by FreeRADIUS since ages.
> OK, my understanding of EAP-TTLS/EAP-TLS is that the authentication
> happens in two distinct stages: the first stage (EAP-TTLS) is the outer
> authentication where the server presents its credentials/certificate to
> the client and then the secure channel is established. Phase two
> (EAP-TLS in my case) is where the client - via its client certificate -
> is actually authenticated to the RADIUS server. Now, I was hoping that
> the AP does this in a similar sort of way when authenticating itself to
> the RADIUS server, but it seems that is not the case and this is indeed
> a weak point.
No, the AP does not authenticate itself to the RADIUS server via TLS,
just via the shared secret configured in clients.conf.
> My question still remains though - since this is a two-phase
> authentication, two distinct sets of (ca, server, client) certificates
> can be used. How do I specify these in RADIUS?
Which distinct set of certificates?
The server certificate and key is configured via eap.conf.
Which client certificates the RADIUS server trusts is configured via
CA_file, also in eap.conf.
Sigmentation fault. Core dumped.
More information about the Freeradius-Users