Post-Auth LDAP with computer names rather than usernames

Matthew Newton mcn at freeradius.org
Sat Oct 20 00:08:53 CEST 2018


On 19 October 2018 22:45:22 BST, Hans-Christian Esperer <hc at hcesperer.org> wrote:
>On Fri, Oct 19, 2018 at 10:39:33PM +0100, Matthew Newton wrote:
>> Never said it was a good replacement, just a close approximation.
>> 
>> Sometimes you have to work with what you've got.
>
>I don't agree that it is an approximation, let alone a close one.

Given we don't even know if the OP is using EAP or not, that might be all they've got to work with.

>TBH, I don't understand at all why MAC addresses are used everywhere in
>security relevant contexts. All these wifi "portals" are fundamentally
>flawed because of this.

Because nothing's perfect, and sometimes you can only work with what you've got. Like I said last time.

Nobody said you have to like it, or that web portals are secure.


-- 
Matthew



More information about the Freeradius-Users mailing list