Binary Revolution Forums: Linux Foibles - Binary Revolution Forums

Jump to content

Welcome to Binary Revolution Forums

Welcome to the Binary Revolution Forums! You are a guest and are welcome to browse our 7 public forums at the top of the list without registering. All other forums are restricted to registered users only and will give you an "unauthorized" message if you try to browse them. However, if you Register or Sign In (ABSOLUTELY FREE and PRIVATE) you will be able to access many more sections of the site that are reserved for registered members and have lots of other benefits such as bypassing those annoying ads.

  • NO ADS! All of the ads are for GUESTS ONLY!
  • The annoying guest message (this very one) at the top of every page will go away.
  • Access our private messaging system to communicate with other users.
  • Start new topics and reply to others instead of just reading.
  • Subscribe to topics and forums to get automatic updates on watched threads.
  • Add/view events to our community calendar.
  • Customize your profile and see your statistics.
  • Change your preferences such as choosing layouts and tweaking your settings.
  • Contribute your site to our database of links.
  • Access our Gallery and all of its features (instead of just viewing thumbnails) including uploading images of your own.
  • Build up your reputation using our reputation controls.
  • Once again: NO ADS! All of the ads are for GUESTS ONLY! It is all free so Register Now!
Guest Message © 2012 DevFuse
ANNOUNCEMENTS & NEWS:


ANNOUNCEMENT: BinRev is now proud to be hosted and affiliated with lunarpages! See the announcement at the top of the forums for more details.
ANNOUNCEMENT: Follow us on twitter: @binrev @stankdawg

NOTE 2012-03-12: The forums are pretty neglected these days. I still stop in and clean up SPAM every once in a while and ban asshats as the need arises but you MUST USE THE REPORT FEATURE to notify the moderating team! We will not know that there are problems if you do not report it.

-- StankDawg

Subscribe to Bit Bucket        RSS Feed
-----

Linux Foibles

30 April 2008
Icon Leave Comment
Tags: RADIUS Project
Posted by mirrorshades 
Ironically enough -- since the article I was referencing for my FreeRADIUS / EAP-TLS / WiFi setup was written in Linux Journal magazine -- I've had some difficulty getting my linux laptop connected to the AP. With WPA-PSK (i.e. WPA with a password), it worked fine with the madwifi drivers and the wpa_supplicant program. However, trying to tweak wpa_supplicant to work with the EAP-TLS settings has been... challenging... frustrating... annoying. The magic seems to happen in the wpa_supplicant.conf file, and I'm struggling to figure out where it's not right.

The cool thing, that I just discovered, is that there is an interactive interface to the wpa_supplicant app called wpa_cli. Running this program allows you to see the responses coming from the AP and issue commands. Using this interface, I was able to see the identity request, and found this magic command was what I needed:

identity l33t /etc/ssl/certs/cert_19delta.pem

That is, set my identity for the AP named 'l33t' to the specified certificate. A few seconds later, I received an "identity accepted" message. I then had to run dhclient for my DHCP address, and got it.

So... I am now connected (and doing this blog entry with that very laptop), but not automatically. This tells me that my certificates and such can do what they need to, but something somewhere is not quite jiving.

More to come when I figure it all out. I will post full config files for each portion of the process when everything is working as it should. (If for no other reason than so I don't forget when I go to do this again sometime.)

So stay tuned.
Back to Bit Bucket →

0 Comments On This Entry

 

Recent Entries

Recent Comments


  • Time Now: May 17 2012 05:21 AM