You are not logged in.
As far as my knowledge goes WPA-EAP is the same as WPA Enterprise (in Vista it's named Enterprise). My School network uses the TKIP key management. And this is what I added to my /etc/wpa_supplicant.conf:
Network={
ssid="studentnet"
proto=WPA
key_mgmt=WPA-EAP
pairwise=TKIP
priority=1
}
However, I can not get this setup to work.
On the open networks (without auth) my wireless works just fine.
So if anyone has experience with WPA-EAP + TKIP, please shoot me some pointers. I'm fairly new to the arch way of setting up wireless.
*g* this thread will be a hack thread instead of a support thread
Last edited by hardframed (2007-09-11 07:31:57)
With a linux system, you can smell the victory.
With a arch system, you can taste it.
Offline
I found out that the school network uses PEAP. And some googling made me aware over that wpa_supplicant supports the following PEAP authentication:
* EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)
* EAP-PEAP/TLS (both PEAPv0 and PEAPv1)
* EAP-PEAP/GTC (both PEAPv0 and PEAPv1)
* EAP-PEAP/OTP (both PEAPv0 and PEAPv1)
* EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)
I'm gonna trial and error some. BRB
EDIT.
EAP-PEAP/MSCHAPv2 is the one my school network uses.
EDIT 2.
This is the template I found that suits my student network. Now I need to set this up.
EAP-PEAP/MSCHAPv2 configuration for RADIUS servers tha$
(e.g., Radiator)
network={
ssid="example"
key_mgmt=WPA-EAP
eap=PEAP
identity="user@example.com"
password="foobar"
ca_cert="/etc/cert/ca.pem"
phase1="peaplabel=1"
phase2="auth=MSCHAPV2"
priority=10
pairwise=TKIP # added TKIP to the template
}
Edit 3.
PEAP = Protected Extensible Authentication Protocol http://en.wikipedia.org/wiki/Protected_ … n_Protocol
....PEAP uses only server-side public key certificates to authenticate clients by creating an encrypted SSL/TLS tunnel between the client and the authentication server...
So I guess that is the reason ca_cert="/etc/cert/ca.pem" is being called.
Yet, I'm left with one question. The password is stored in the conf file. Is this secure? Can this be done in a better way?
Last edited by hardframed (2007-09-11 08:02:10)
With a linux system, you can smell the victory.
With a arch system, you can taste it.
Offline
You can make the conf file readable to root only - that's the way I've done it. AFAIK there is no way around having the password there.
Last edited by fwojciec (2007-09-11 13:08:03)
Offline