pubkey-auth, EAP-GTC

dev at dev at
Tue Oct 22 21:55:36 CEST 2019


we want to use public-key-authentication with WPA2. the appropriate method to use seems to be EAP-GTC (plain, nothing around it needed). this (site config):
authorize {
        update control {
                Auth-Type := `query-user-pubkey_decrypt-challenge_compare.script '%{User-Name}' '%{User-Password}' '%{Client-IP-Address}' '%{Challenge}'`
(with script returnig Accept or Reject) seems to work in general. first problem is that %{challenge} (or %{Challenge} or %{Access-Challenge}) seems not to expand to the challenge - what's the challenge's variable name? the second problem is: how can the challenge be set dynamically? setting "challenge" in eap{gtc{}} to a script using `` does not work.
anybody with hints on this?



More information about the Freeradius-Users mailing list