TLS certificates authorities.

Stefan Winter stefan.winter at
Fri Sep 9 09:52:22 CEST 2016


> Could you please clarify your warning regarding client configuration? Some
> systems allow my EAP-TTLS+PAP configuration out of the box, do you mean it
> could be insecure? Is there any way to prevent client authentication
> unless it has my CA installed?

The TLS channel is the only line of defence against credential theft. If
users choose to ignore security warnings related to the certificate,
anyone can present an arbitrary certificate and the user's device will
merrily deliver the password in cleartext to anyone who's asking.

The situation is *slightly* less critical with TTLS-MSCHAPv2 or PEAP
because at least they only transmit the NTHash of the user's password,
not the cleartext.

NTHash can meanwhile be broken rather trivially though, so this won't
stop a determined attacker.

Getting the cert validation done right really is the only working
repellent against rogue AP+rogue RADIUS server attacks.

Funny enough, this situation is explained extensively on :-)

(look at "User Device Configuration")


Stefan Winter

Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
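The client-side configuration the reply is talking about, as an added example that is not part of the original message: two wpa_supplicant network blocks for the same EAP-TTLS/PAP network, the first showing the weak "out of the box" shape (no CA, no server name check, so any certificate is accepted and the PAP password goes to whoever runs the RADIUS server), the second pinning the CA and the server's certificate name so a rogue RADIUS server is rejected before phase 2 starts. The realm `example.org`, the server name `radius.example.org`, the CA path and the identity strings are assumptions chosen for the example, not values from the list post.

```conf
# WEAK (for comparison only, do not deploy): no ca_cert and no name match
# means wpa_supplicant accepts any server certificate, and the PAP password
# in phase 2 is sent to whichever RADIUS server terminates the TLS tunnel.
network={
    ssid="eduroam-example"          # assumed SSID
    key_mgmt=WPA-EAP
    eap=TTLS
    phase2="auth=PAP"
    anonymous_identity="anonymous@example.org"   # assumed outer identity
    identity="alice@example.org"                 # assumed inner identity
    password="s3cret"                            # constructed sample value
}

# HARDENED: the supplicant will only complete the handshake if the server
# certificate chains to the operator's CA *and* presents the expected name.
network={
    ssid="eduroam-example"
    key_mgmt=WPA-EAP
    eap=TTLS
    phase2="auth=PAP"
    anonymous_identity="anonymous@example.org"
    identity="alice@example.org"
    password="s3cret"
    # Trust anchor: the operator's own CA only, never the system store.
    ca_cert="/etc/wpa_supplicant/certs/example-org-radius-ca.pem"   # assumed path
    # Exact match against the dNSName SAN (falls back to CN) of the server
    # certificate; domain_suffix_match is the older, looser alternative.
    domain_match="radius.example.org"
    # Belt and braces: also require the SAN to carry this exact DNS name.
    altsubject_match="DNS:radius.example.org"
}
```

The point the block makes is that nothing on the RADIUS side can enforce this; the server cannot tell whether the peer validated its certificate, so the check has to be delivered in the client profile, and a profile without `ca_cert` plus a name match is the configuration the warning above is about.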

More information about the Freeradius-Users mailing list