DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st September 2009
Sunnz's Avatar
Sunnz Sunnz is offline
Real Name: I don't have real time
Just a computer user...
 
Join Date: May 2008
Location: See Google Maps
Posts: 101
Thanked 1 Time in 1 Post
Default Running as a WPA-RADIUS AP?

Can an OpenBSD box with a supported WiFi card run as a Wireless AP with WPA-RADIUS?

I want to be able to give different passwords to different "guests" and it seems like RADIUS is a nice solution but I don't have any experience with it.

Thanks.
__________________
She sells C shells by the seashore.
Reply With Quote
  #2   (View Single Post)  
Old 21st September 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,429
Thanked 214 Times in 189 Posts
Default

There are three different RADIUS servers in the ports tree. While anything is possible, the underlying encryption used by your chosen NIC shouldn't normally have any impact at a higher protocol layer.
Reply With Quote
  #3   (View Single Post)  
Old 22nd September 2009
Sunnz's Avatar
Sunnz Sunnz is offline
Real Name: I don't have real time
Just a computer user...
 
Join Date: May 2008
Location: See Google Maps
Posts: 101
Thanked 1 Time in 1 Post
Default

Hmm I thought WPA works with RADIUS? Hmm...
__________________
She sells C shells by the seashore.
Reply With Quote
  #4   (View Single Post)  
Old 22nd September 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,429
Thanked 214 Times in 189 Posts
Default

http://en.wikipedia.org/wiki/RADIUS

[edit: WPA is encryption. RADIUS is authentication and authorization, and optionally accounting.]
Reply With Quote
  #5   (View Single Post)  
Old 22nd September 2009
Sunnz's Avatar
Sunnz Sunnz is offline
Real Name: I don't have real time
Just a computer user...
 
Join Date: May 2008
Location: See Google Maps
Posts: 101
Thanked 1 Time in 1 Post
Default

So if I use WPA encryption and run a RADIUS server that would work with Windows clients right? I guess what I am really want to do is "802.1X".
__________________
She sells C shells by the seashore.
Reply With Quote
  #6   (View Single Post)  
Old 22nd September 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,429
Thanked 214 Times in 189 Posts
Default

There are some turnkey WPA APs that -integrate- with a back end RADIUS server. However, per http://kerneltrap.org/Quote/WPA_Supp...omment-298955:
Quote:
....802.1X is a completely separate protocol, described in a different standard, and was first designed for wired interfaces.

The fact that WPA *can* use 802.1X as its key management protocol does not make them one and the same....
From an OpenBSD perspective, the most recent comments I can find were in this misc@ thread: http://marc.info/?t=122418546800002&r=1&w=2 -- it looks like the answer is -No-. Looking at some work mentioned on tech@, and looking at committed patches that mention 802.1x between 2005 and 2009, it looks like some knobs and hooks for drivers that touch 802.1x compliant hardware are in place, but nothing more.
Reply With Quote
  #7   (View Single Post)  
Old 23rd September 2009
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,831
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by Sunnz View Post
So if I use WPA encryption and run a RADIUS server that would work with Windows clients right?
That all depends upon how well Microsoft is supporting the standards too.

I have had some interest in setting up a RADIUS server as well, & from what I have found through searching is that FreeRADIUS is one of the better supported alternatives. Will it take care of your needs? I don't know; you will simply have to research the material found at their Website:

http://wiki.freeradius.org/HOWTO
Reply With Quote
  #8   (View Single Post)  
Old 23rd September 2009
Sunnz's Avatar
Sunnz Sunnz is offline
Real Name: I don't have real time
Just a computer user...
 
Join Date: May 2008
Location: See Google Maps
Posts: 101
Thanked 1 Time in 1 Post
Default

Ok that's a lot of stuff to read, reading through it now... thanks guys for the pointers.
__________________
She sells C shells by the seashore.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem getting php running badguy OpenBSD General 7 22nd July 2009 03:34 PM
Running your own web server JMJ_coder General software and network 28 13th February 2009 01:15 AM
Required packages for running X enpey FreeBSD Ports and Packages 7 20th August 2008 09:16 AM
Problems running jdk-1.7 incripshin OpenBSD Packages and Ports 10 10th August 2008 05:54 PM
compiling and running perl/tk bsdnewbie999 Programming 4 10th August 2008 10:22 AM


All times are GMT. The time now is 07:04 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick