Cross platform secure login on wpa2

Brian Candler b.candler at
Wed Dec 14 22:58:18 CET 2016

On 14/12/2016 16:29, Henti Smith wrote:
> We currently have a wpapsk wifi managed by ubiquiti unif-fi. i'm in the
> process of trying to move this over to a WPA2-Enterprise setup using
> kerberos as authentication.

To be entirely clear: I think what you want is WPA2-Enterprise setup 
using TTLS/PEAP plaintext password authentication, but using a Kerberos 
server as a password oracle to validate the plaintext password. Is that 

(That's as opposed to using Kerberos tickets to authenticate your wifi 
access, which would be very neat as in this paper:

There's an (expired) Internet Draft for this too)

More information about the Freeradius-Users mailing list