password-less keys for TLS
Matt Zagrabelny
mzagrabe at d.umn.edu
Fri Nov 11 20:27:27 CET 2016
Hello,
I am wondering what folks think about password-less keys for TLS? Both
the server key - and the client key under EAP-TLS.
The password for the server key is on disk in a config file, so a
password encrypted key seems just about as safe as a password-less
key.
The client keys are bit more vulnerable when they aren't encrypted,
but I thought I would ask the list if anyone is rolling client certs
without passwords.
Thanks for any feedback!
-m
More information about the Freeradius-Users
mailing list