I have configured a working EAP-TLS system and am now migrating to
use EAP-TTLS (with both client side certificates and a password
authentication mechanism).
I'm stuck trying to work out how to avoid sending the password
unhashed to the server and think that some form of CHAP/MSCHAPv2
On 29/01/2007, at 10:07 PM, Alan DeKok wrote:
James Lever wrote:
I'm stuck trying to work out how to avoid sending the password
unhashed
to the server
Why?
Two reasons - first I am trying to limit risk of client
misconfiguration - if a client has misconfigured their supplicant
On 29/01/2007, at 11:03 PM, [EMAIL PROTECTED] wrote:
MSCHAPv2 is the main way to go. offering challenge/response means
the password is never sent clear. alternatively you could use
MD5 instead of plain. but client support is an issue...
After reading through Alan DeKok's compatibility page
On 17/01/2007, at 4:47 PM, Alan DeKok wrote:
James Lever wrote:
Wed Jan 17 08:00:11 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
That just means there's no client certificate.
Interesting given I'm only allowing EAP-TLS access to my wireless LAN
(or attempting
Hi List,
FreeRADIUS 1.1.4 on FreeBSD (5-STABLE), Apple Airport Extreme NAS,
MacBook Pro client, WPA2 Enterprise with 2k keys.
I'm having the much mentioned but very hard to get real information
about error below:
Wed Jan 17 08:00:11 2007 : Error: TLS_accept:error in SSLv3 read
Hi again list,
Another issue I have had in setting up a WPA2 Enterprise environment
is that I can get it to work as expected with 2k keys, however, if I
go to 4k keys, freeradius 1.1.4 loads properly but seg faults when
handling a 4k key request.
The environment is Apple Airport Extreme
6 matches
Mail list logo