Collaborate Disseminate
I’m setting up RADIUS server using FreeRADIUS and self-signed certificate. Tested using eapol_test and successfully logged in. But when I’m trying to add a PC running Ubuntu 22.04 LTS to the network, it failed to pass EAP-TLS authenticate…. Continue reading Ubuntu 22.04 LTS: EAP-TLS not working [migrated]
I am using freeradius to test EAP-TLS. Authorization only succeeds if I specify an identity. It doesn’t even have to match any fields in the client certificate. Why is that required if I have a cert and private key? I know the EAP protocol… Continue reading EAP TLS identity requriements
While WPA2-PSK and WPA3-SAE are really secure once a connection has been established, my understanding is that if you have access to the Wi-Fi password you can impersonate the AP without any problems. I’m starting to add more and more IoT … Continue reading WPA(2/3)-PSK-compatible per-device Wi-Fi passwords to prevent AP MITM on IoT networks
I set EAP-TLS on my FreeRadius server, and i want to try the certificate-based authentication for a testing. I set up an Apache as a webservice and enabled ssl on it. I could redirect the basic username-password authentication to the radiu… Continue reading FreeRadius and Apache Mutual authentication
According to the freeradius document https://freeradius.org/radiusd/man/rlm_pap.txt I can use NT-Password as the type of storing user’s password. However, I have only found the type of generating raw MD4 as NTLM Hash. As I need to use MSCH… Continue reading Are there other types of NT Password (NTLM Hash) besides raw MD4?
According to the freeradius document https://freeradius.org/radiusd/man/rlm_pap.txt I can use NT-Password as the type of storing user’s password. However, I have only found the type of generating raw MD4 as NTLM Hash. As I need to use MSCH… Continue reading Are there other types of NT Password (NTLM Hash) besides raw MD4?
I recently set up a freeradius server and would like to change the user password that is presently in cleartext to encrypted in the /etc/freeradius/3.0/users file.
This is what it looks like on the server.
When I authenticate on the serve… Continue reading How to encrypt user password in Freeradius [migrated]
I am trying to use Freeradius 3.0 for authentication with certificates. To generate the CA, Server and Client certificate, make is available, reading a specific configuration file for each certificates (more information about it here).
The… Continue reading Unable to decrypt password protected certificates with Freeradius or from GUI
I am discovering both Freeradius and the password hashing mechanism. I built a database (in MySQL) to store the passwords of some users. I have a user with the password in clear text, another one hashed in SHA256 without salt and the last … Continue reading How can Freeradius detect if the password provided is right when only the salted hash is stored in the database without the salt
I have this scenario:
I want to create a WiFi network for a hotel that the customers should pay to gain access to the internet.
I tried Captive portal, but captive portal is very vulnerable against MAC spoofing.
So I tried wpa2-enterpris… Continue reading How to protect against MAC spoofing in WiFi network?