Freeradius vs Security
Hans-Christian Esperer
hc at hcesperer.org
Tue Apr 2 15:56:24 CEST 2019
On Tue, Apr 02, 2019 at 03:48:13PM +0200, Sebastian Hagedorn wrote:
[...]
> certificate the RADIUS server presents – especially Android devices don't
> usually do that.
Just as a sidenote, Android does support EAP-PWD, which works without
certificates and uses some kind of zero knowledge proof to authenticate the
parties (radius, wifi client) to each other, at the small drawback of
transmitting the user name in plain text. Thus, EAP-PWD should always be safe
to use with eduroam regardless of how the end user's device is configured.
-HC
More information about the Freeradius-Users
mailing list