Hi Dan, Here's some more information about PEAP-GTC.
First, a little snippit from the freeradius project: http://wiki.freeradius.org/EAP#PEAPv1.2FEAP-GTC It references the RFC in which PEAP-GTC is defined as an inner authentication protocol: http://www.ietf.org/rfc/rfc3748.txt In the RFC, the relevant section is 5.6 In our environment, we utilize RSA tokens with a randomly generated keys, so I think it is likely the method you are thinking of. You're correct in your analysis, it would certainly be an always prompt/never save bit in the application. Running a search to gather more information to help out, all I ran into were posts about people who had upgraded various distributions and gotten NM 0.7.x (that had been running 0.6.x with working PEAP-GTC support), so it does seem to be utilized somewhat frequently. wpa_supplicant appears to still work correctly with PEAP-GTC for most people, as does NM 0.6.x, so most people who are in the same boat as I am have been downgrading to the older version of NM or just using wpa_supplicant directly. I'm happy to assist however I can in this, but I will likely be limited to providing myself as a lab rat for testing changes. Anybody is more than welcome to take me up on that offer. :) Let me know if there is any other information I can gather that would help out, and thank you for looking into this! Cheers, David On Fri, Dec 19, 2008 at 10:15 AM, Dan Williams <d...@redhat.com> wrote: > On Thu, 2008-12-18 at 23:17 -0600, David Orman wrote: > > Filed a bug in Gnome's bugtracker in case anybody else runs across > > this thread with the same issue: > > http://bugzilla.gnome.org/show_bug.cgi?id=565065 > > The GTC is the dongle thing that gives you a one-time-pad, correct? In > this case, we do need to add a bunch of support for GTC to > NetworkManager. It would mean not entering the PIN in the connection > editor or anywhere, but having the applet ask for the PIN *ever* time > the connection or reconnection attempt was made. It wouldn't be hard to > actually support, but would take some code. It's on the table, I've > seen another request for it recently, just needs the work done. If > anyone's up for doing the patch, I can outline what needs to get > changed. > > Dan > > > Thanks, > > David > > > > On Thu, Dec 18, 2008 at 4:09 AM, David Orman <orma...@corenode.com> > > wrote: > > Hi, > > > > I am trying to use Fedora 10/Intel 5300 on a Cisco based > > wireless network, which uses GTC for the inner authentication. > > I see this option no longer exists in the version of NM that I > > have: NetworkManager-0.7.0-0.12.svn4326.fc10.x86_64. > > > > Out of curiosity, I used GIT to get the latest source, and see > > the following in libnm-util/nm-setting-8021x.c: > > > > 950 { "gtc", NULL, NULL }, // FIXME: implement > > > > So, it appears GTC is not implemented in NM, even though > > wpa_supplicant supports it. Are there any patches available > > that allow this to work? This seems to be a regression from > > version 0.6.x (I don't know the exact version I was using > > before). > > > > I've seen various bugs filed at the distribution level > > regarding this, but I didn't see one with this specific > > problem in the Gnome bugtracker. However, seeing the comment > > in the source, it seems to be a known-issue. Is this actually > > the case, and will this actually be implimented? Do I need to > > actually file a bug? Are there any known workarounds? > > > > Respectfully, > > David > > > > _______________________________________________ > > NetworkManager-list mailing list > > NetworkManager-list@gnome.org > > http://mail.gnome.org/mailman/listinfo/networkmanager-list > >
_______________________________________________ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
