KLUG Weekly Meeting Notes

Tuesday, January 24, 2006

 

WIRELESS AUTHENTICATION - EAP & OpenRADIUS

Presented by Adam Williams

Adam has posted his presentation here:
http://www.whitemiceconsulting.com/node/97

OpenRADIUS URL’s:
http://www.xs4all.nl/~evbergen/openradius/
http://freshmeat.net/projects/openradius/

Adam Williams spelled it out with a 42 slide Impress presentation,
"Wireless Alphabet Soup." He showed what it takes to configure
an OpenRADIUS server to handle wireless network authentication.
We saw yet another useful Open Source GPL’d software solution.

This presentation covered setting up a RADIUS service to provide
support for EAP authentication via your wireless network. OpenRADIUS
can authenticate users against your LDAP DSA, CIFS Domain Controller,
or a multitude of other sources (including flat files).
RADIUS stands for Remote Authentication Dial-In User Service.

Originally used by ISP’s to control the banks of dial-up modems,
OpenRADIUS is used for wireless network authentication services.
Adam told us how it all fits together. He explained the 802.11i goals
for security. The descriptions for setting up a WPA network will get
you to the goal of a working authentication service. He showed how
to configure the various files to get the desired result.


RADIUS is the protocol used by EAP servers to authenticate EAP users;
and OpenRADIUS is an Open Source service that provides RADIUS
service from any UNIX like platform (LINUX, BSD, etc...). EAP
(Extensible Authentication Protocol) is a standard for authenticating
network clients, most commonly used for wireless devices ("Supplicants").
EAP is an 802.1x standard that allows developers to pass security
authentication data between RADIUS and the access point (AP) and
wireless client. EAP has a number of variants, including: EAP MD5,
EAP-Tunneled TLS (EAP-TTLS), Lightweight EAP (LEAP), and
Protected EAP (PEAP).

(18 Linux Enthusiasts Attending)


Comments: Post a Comment

<< Home

Archives

March 2005   April 2005   May 2005   June 2005   July 2005   August 2005   September 2005   October 2005   November 2005   December 2005   January 2006   February 2006   March 2006   April 2006  

This page is powered by Blogger. Isn't yours?