>> In other words, EAP-TTLS/EAP-TLS isn't actually supported in
>> FreeRADIUS?

> It is. I believe you misunderstood how RADIUS works.
Maybe, considering I've been reading about RADIUS for just over 2 days...

> The connection between the AP (called NAS in RADIUS) and the
> RADIUS-Server is only protected by the shared secret configured in
> clients.conf.
> Yes, this is kind of weak.
It is *very* weak, not least because connections can be intercepted since, as I presume is the case here, this "shared secret" is transmitted in the clear over the wire. If that is not the case and it is hashed, then that's another story.

> And because of this weakness a protocol like
> RADsec has been developed, which is essentially
> RADIUS-with-SSL-over-TCP, thus providing strong encryption of the whole
> RADIUS session.

> So far I have not seen any devices like APs, Dial-in-Servers, etc.,
> support RADsec. But this is normally no problem, since those devices are
> usually located in a safe network with the RADIUS server.

> RADsec for example is used in the Deutsche Forschungsnetz (DFN), to
> secure inter-university RADIUS connections over the Internet to
> authenticate Eduroam users.
Interesting, noted. It would be nice if this worked in a similar way to the SSL handshake; that is very secure, tested and already established in the real world.

> Back to EAP-(T)TLS:
>
> The connection between a connecting device, such as a laptop, and the
> NAS it connects to can be secured via EAP-(T)TLS, which is a protocol
> transported via RADIUS packets.

> This of course has been supported by FreeRADIUS for ages.
OK, my understanding of EAP-TTLS/EAP-TLS is that the authentication happens in two distinct stages: the first stage (EAP-TTLS) is the outer authentication, where the server presents its credentials/certificate to the client and the secure channel is established. Phase two (EAP-TLS in my case) is where the client, via its client certificate, is actually authenticated to the RADIUS server. Now, I was hoping that the AP did this in a similar sort of way when authenticating itself to the RADIUS server, but it seems that is not the case, and this is indeed a weak point.

My question still remains, though: since this is a two-phase authentication, two distinct sets of (ca, server, client) certificates can be used. How do I specify these in RADIUS?

I found that I could specify the ca, client and server certificates once (normally stored in raddb/certs, if memory serves), but I potentially need two of each, one set for each phase. I know I could use just one, but for the sake of understanding the whole process and getting to know how it all works I need to know this. How do I do that?

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
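As an added worked example (editor's code, not from this thread or the FreeRADIUS project), here is where the clients.conf shared secret discussed above actually enters the protocol. Per RFC 2865 the secret itself is never transmitted: the NAS hides User-Password by XORing it with MD5(secret || Request Authenticator), and the server proves knowledge of the secret by placing MD5(Code|ID|Length|RequestAuth|Attributes|secret) in the Response Authenticator. The weakness is that anyone who captures one request/response pair can test candidate secrets offline with no further traffic, which the last function shows. The secret, user name and password are constructed sample inputs (testing123 is only FreeRADIUS's well-known default value).

```python
# Added example (editor's code, not from the thread or FreeRADIUS): minimal
# RFC 2865 packet construction showing how the shared secret is used.
# All sample values (secret, user, password) are constructed for the demo.
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
ATTR_USER_NAME, ATTR_USER_PASSWORD, ATTR_REPLY_MESSAGE = 1, 2, 18
HEADER = struct.Struct("!BBH")  # Code, Identifier, Length (authenticator follows)


def hide_password(password, secret, request_auth):
    """RFC 2865 5.2: pad to a 16-byte multiple, then XOR each block with
    MD5(secret || previous block), seeded with the Request Authenticator."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        block = bytes(a ^ b for a, b in zip(padded[i:i + 16], key))
        out, prev = out + block, block
    return out


def unhide_password(hidden, secret, request_auth):
    """Server side: reverse hide_password (trailing NUL padding is stripped)."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out, prev = out + bytes(a ^ b for a, b in zip(block, key)), block
    return out.rstrip(b"\x00")


def encode_attrs(attrs):
    """Attribute TLVs: Type, Length (including the 2 header bytes), Value."""
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def build_access_request(ident, username, password, secret, request_auth=None):
    """NAS -> server. The secret only feeds MD5; it is not carried as an attribute."""
    request_auth = request_auth or os.urandom(16)  # fresh random value per request
    body = encode_attrs([(ATTR_USER_NAME, username),
                         (ATTR_USER_PASSWORD, hide_password(password, secret, request_auth))])
    return HEADER.pack(ACCESS_REQUEST, ident, 20 + len(body)) + request_auth + body, request_auth


def build_response(code, ident, request_auth, secret, attrs=()):
    """Server -> NAS. Response Authenticator = MD5(Code|ID|Len|RequestAuth|Attrs|secret)."""
    body = encode_attrs(list(attrs))
    header = HEADER.pack(code, ident, 20 + len(body))
    resp_auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + resp_auth + body


def verify_response(packet, request_auth, secret):
    """What the NAS checks on receipt: recompute and compare the Response Authenticator."""
    code, ident, length = HEADER.unpack(packet[:4])
    if length != len(packet) or code not in (ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE):
        return False
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return hmac.compare_digest(packet[4:20], expected)


def secret_appears_on_wire(packet, secret):
    """True only if the raw secret bytes occur in the packet (they never should)."""
    return secret in packet


def offline_guess_secret(response, request_auth, candidates):
    """Attacker holding a captured request/response pair: every candidate secret can be
    tested against the Response Authenticator locally, so weak secrets fall to wordlists."""
    for candidate in candidates:
        if verify_response(response, request_auth, candidate):
            return candidate
    return None


if __name__ == "__main__":
    secret = b"testing123"  # FreeRADIUS's well-known default; never use it in production
    req, ra = build_access_request(7, b"alice", b"s3cret", secret)
    print("secret bytes visible in Access-Request:", secret_appears_on_wire(req, secret))
    accept = build_response(ACCESS_ACCEPT, 7, ra, secret, [(ATTR_REPLY_MESSAGE, b"Welcome")])
    print("Access-Accept verifies with correct secret:", verify_response(accept, ra, secret))
    print("offline guess from a short wordlist:",
          offline_guess_secret(accept, ra, [b"radius", b"secret", b"testing123"]))
```

The password hiding is reversible by anyone who guesses the secret, and the MD5 construction is not a MAC with modern margins, which is why a long random secret per NAS and RadSec (TLS) for links that leave the trusted network are the practical mitigations.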
