somewhat ot: Check radius server name on linux supplicant

Sergio Belkin sebelk at
Mon Jan 5 01:05:21 CET 2009


I'm stuck with a problem to which I haven't found an easy solution.
Let's say we use either EAP-PEAP or EAP-TTLS. Both on Windows you cave
ways to check not only ca certificate but also radius server name.

I've tried:
*NetworkManager: It can't check radius server name.
*wicd: You could use customized scripts but make things harder and
replace NetworkManager which is the default network tool on modern
*kwlan: It's like wicd an more KDE oriented.

*wpasupplicant: It can check server name! But also on Fedora 10 I
haven't found a way for NetworkManager apply its config file. Mostly
"modern" and end users distros don't pay attention to wpasupplicant
config file.

On Windows (and I am not presicely a MS fan) you can check server name
either by itself or by SecureW2. On Mac it prompts you showing radius
server name. Sadly, I haven't found on Linux to check radius server

I fear this: Let's say I have a radius server which use a certificate
signed by WhateverSign. You get a certificate signed by  WhateverSign
too. You use a trustable ca certificate, don't you? Well, you config a
cheating Access Point. Then a user come and connect to that cheating
Access Point. Please tell me if that risk exists and if is wothy of
worrying. If it is, how I can do for check radius server name on
modern distro Linux?

Thanks in advance and happy new year!!!!

Open Kairos
Watch More TV
Sergio Belkin -

More information about the Freeradius-Users mailing list