moving ahead with eap-sim under 3.0.11
Alan DeKok
aland at deployingradius.com
Fri Mar 4 20:49:19 CET 2016
On Mar 4, 2016, at 2:45 PM, Michael Martinez <mwtzzz at gmail.com> wrote:
>
> On Fri, Mar 4, 2016 at 10:48 AM, Alan DeKok <aland at deployingradius.com> wrote:
>> Trying to authenticate third-party SIM cards is a hack. It will always be a hack. You MUST have the SIM keys in order to do proper, secure, authentication.
>
> I understand and agree. Do you have any practical advice on how to get
> the SIM key? People who are implementing EAP-SIM/Freeradius in
> production environments, what are they doing to get them?
The people who use EAP-SIM are typically Telcos who buy SIM cards directly from the manufacturers, and who therefore can control the keys.
As a third-party person trying to authenticate random SIM cards... it's impossible.
Alan DeKok.
More information about the Freeradius-Users
mailing list