Freeradius like WPA2-PSK
James JJ Hooper
JJJ.Hooper at bristol.ac.uk
Thu Nov 29 16:50:48 CET 2012
On 28 November 2012 19:54, Brian Julin <BJulin at clarku.edu> wrote:
> WPA2-Enterprise with PEAP authentication is automatically recognized
> by most new clients these days. The clients will prompt for a username
> and a password. If you generate an ntcrypt (by shelling out of FR to
> a utility to do so) for an inbound username/password on the RADIUS side
> from a known cleartext password on the fly, you can arrange things such
> that that password is accepted for any username.
Hi Brian,
Slightly tangential to the original question. But if you want to
implement as per this suggestion, why do you need the external ntcrypt
script. All that functionality is built in, just do this:
server INNER-eap {
authorize {
...
update control {
Cleartext-Password := 'thePassword'
MS-CHAP-Use-NTLM-Auth := 0
}
...
}
...
}
Kind regards,
James
--
James J J Hooper
Senior Network Specialist, University of Bristol
http://www.wireless.bristol.ac.uk
--
More information about the Freeradius-Users
mailing list