somewhat ot: Check radius server name on linux supplicant
sebelk at gmail.com
Mon Jan 5 01:05:21 CET 2009
I'm stuck with a problem to which I haven't found an easy solution.
Let's say we use either EAP-PEAP or EAP-TTLS. Both on Windows you cave
ways to check not only ca certificate but also radius server name.
*NetworkManager: It can't check radius server name.
*wicd: You could use customized scripts but make things harder and
replace NetworkManager which is the default network tool on modern
*kwlan: It's like wicd an more KDE oriented.
*wpasupplicant: It can check server name! But also on Fedora 10 I
haven't found a way for NetworkManager apply its config file. Mostly
"modern" and end users distros don't pay attention to wpasupplicant
On Windows (and I am not presicely a MS fan) you can check server name
either by itself or by SecureW2. On Mac it prompts you showing radius
server name. Sadly, I haven't found on Linux to check radius server
I fear this: Let's say I have a radius server which use a certificate
signed by WhateverSign. You get a certificate signed by WhateverSign
too. You use a trustable ca certificate, don't you? Well, you config a
cheating Access Point. Then a user come and connect to that cheating
Access Point. Please tell me if that risk exists and if is wothy of
worrying. If it is, how I can do for check radius server name on
modern distro Linux?
Thanks in advance and happy new year!!!!
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
More information about the Freeradius-Users