Mr Dash Four <mr.dash.four@googlemail.com> wrote:
In other words, EAP-TTLS/EAP-TLS isn't actually supported in freeRADIUS?
It is. I believe you misunderstood how RADIUS works.
Maybe, considering I've been reading about RADIUS for just over 2 days...
The connection between the AP (called NAS in RADIUS) and the RADIUS-Server is only protected by the shared secret configured in clients.conf.
Yes, this is kind of weak. It is *very* weak, not least because connections can be intercepted as, I presume is the case here, this "shared secret" is transmitted in the clear over the wire. If that is not the case and it is hashed, then, that's another story.
No, the shared secret is not transmitted over the wire. For additinal information see RFC2865, §2: "When a password is present, it is hidden using a method based on the RSA Message Digest Algorithm MD5. (see RFC131).
And because of this weakness a protocol like RADsec has been developed, which is essentially RADIUS-with-SSL-over-TCP, thus providing strong encryption of the whole RADIUS session.
Interesting, noted. It would be nice if this works in a similar way as the SSL handshake works - this is very secure, tested and already established in the real world.
RadSec works this way, yes. Think of it like HTTPS for RADIUS.
Back to EAP-(T)TLS:
The connection between a connecting device such as a laptop, which connects to a NAS, can be secured via EAP-(T)TLS, which is a protocol transported via RADIUS packets.
This of course is supported by FreeRADIUS since ages.
OK, my understanding of EAP-TTLS/EAP-TLS is that the authentication happens in two distinct stages: the first stage (EAP-TTLS) is the outer authentication where the server presents its credentials/certificate to the client and then the secure channel is established. Phase two (EAP-TLS in my case) is where the client - via its client certificate - is actually authenticated to the RADIUS server. Now, I was hoping that the AP does this in a similar sort of way when authenticating itself to the RADIUS server, but it seems that is not the case and this is indeed a weak point.
No, the AP does not authenticate itself to the RADIUS server via TLS, just via the shared secret configured in clients.conf.
My question still remains though - since this is a two-phase authentication, two distinct sets of (ca, server, client) certificates can be used. How do I specify these in RADIUS?
Which distinct set of certificates? The server certificate and key is configured via eap.conf. Which client certificates the RADIUS server trusts is configured via CA_file, also in eap.conf. Grüße, Sven. -- Sigmentation fault. Core dumped.