14 Dec
2016
14 Dec
'16
4:58 p.m.
On 14/12/2016 16:29, Henti Smith wrote:
We currently have a wpapsk wifi managed by ubiquiti unif-fi. i'm in the process of trying to move this over to a WPA2-Enterprise setup using kerberos as authentication.
To be entirely clear: I think what you want is WPA2-Enterprise setup using TTLS/PEAP plaintext password authentication, but using a Kerberos server as a password oracle to validate the plaintext password. Is that correct? (That's as opposed to using Kerberos tickets to authenticate your wifi access, which would be very neat as in this paper: https://www.thinkmind.org/download.php?articleid=ubicomm_2010_12_30_10120 There's an (expired) Internet Draft for this too)