OS / Protocol Compatibility

[David Teston]

Thank you all for responding.

Alan, thanks for clarifying on the protocols. I paired them randomly in the
example. A hierarchy would be very useful (but I only say that wishfully).

Arran, this is great to know.

Brian, I agree with you about PAP. We have multi-site organization, so
passwords will be transmitted over WAN. Might have to explore Matthew and
TIm's suggestions.


So to anyone... do we have any other motions to start a compatibility
matrix between OS's and protocols? If so, let's get some docs going. We can
add the nuances there too. How do we get the permissions to create content
on the wiki?


Thanks,
David


--
David Teston
PINES System Administrator
Georgia Public Library Service
1800 Century Place, Suite 150
Atlanta, GA 30345
Office: 404-235-7206
Mobile: 404-623-8676
dteston at georgialibraries.org
http://georgialibraries.org

On Fri, Apr 7, 2017 at 3:39 PM, Brian Julin <BJulin at clarku.edu> wrote:

> David Teston wrote:
> > Where can I find a protocol compatibility matrix for each OS?
>
> Haven't seen one.  Really we need some bored retiree to start a beer money
> kickstarter to test and maintain giant compatibility tables, not just for
> this, but
> for all the nuances of wifi chipsets.
>
> > Also, can we prioritize the protocols? Since PAP is the least secure, I'd
> > like clients to try the other protocols and use PAP as the last option.
>
> Generally supplicants are configured to use one specific protocol, not a
> fallback list.  Most servers are configured to offer only one protocol to
> a specific class of clients.
>
> PAP should only be used when confined to unsniffable internal
> administrative
> networks... there's no good reason to use it elsewhere as all it will do
> is expose your user's passwords, which is worse than having no password
> security at all.
>
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>