matttions
Guru
Joined: 19 Jul 2004
Posts: 338
|
 Posted: Wed Mar 01, 2006 6:21 pm Post subject: WPA -- EAP/TLS con file .cert |
 |
|
Salve.
Qui rilasciano soltanto il file .cert per connettersi alla rete wireless dell'ateneo.
Volevo sapere se era possibile connettersi utilizzando questo file.
La mia configurazione :
| Code: | | /etc/wpa_supplicant.conf |
| Code: |
#TLS = EAP-TLS Per il polo
network={
ssid="PoloInf"
key_mgmt=WPA-EAP
eap=TLS
proto=RSN
pairwise=CCMP TKIP
group=CCMP TKIP
identity="my_user"
password="my_password"
client_cert="/home/mattions/Desktop/certnew.cert"
}
|
Il simpatico output di wpa_supplicant
| Code: |
the-tux etc # wpa_supplicant -Dwext -ieth1 -c /etc/wpa_supplicant.conf -dd
Initializing interface 'eth1' conf '/etc/wpa_supplicant.conf' driver 'wext' ctrl_interface 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
Line: 270 - start of a new network block
ssid - hexdump_ascii(len=7):
50 6f 6c 6f 49 6e 66 PoloInf
key_mgmt: 0x1
eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00
proto: 0x2
pairwise: 0x18
group: 0x18
identity - hexdump_ascii(len=15):
6d 69 63 68 65 6c 65 6d 61 74 74 69 6f 6e 69 michelemattioni
password - hexdump_ascii(len=14): [REMOVED]
client_cert - hexdump_ascii(len=35):
2f 68 6f 6d 65 2f 6d 61 74 74 69 6f 6e 73 2f 44 /home/mattions/D
65 73 6b 74 6f 70 2f 63 65 72 74 6e 65 77 2e 63 esktop/certnew.c
65 72 74 ert
Priority group 0
id=0 ssid='PoloInf'
Initializing interface (2) 'eth1'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
SIOCGIWRANGE: WE(compiled)=19 WE(source)=16 enc_capa=0x0
capabilities: key_mgmt 0x0 enc 0x3
Own MAC address: 00:04:23:73:80:ee
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
Added interface eth1
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
State: DISCONNECTED -> SCANNING
Starting AP scan (broadcast SSID)
Scan timeout - try to get results
Received 854 bytes of scan results (4 BSSes)
Scan results: 4
Selecting BSS from priority group 0
0: 00:01:f4:44:9f:fb ssid='PoloInf' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN proto match
1: 00:01:f4:44:9d:74 ssid='PoloInf' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN proto match
2: 00:40:96:5b:8b:43 ssid='tsunami-e' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
3: 00:40:96:58:49:69 ssid='ERSUCAM' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
No suitable AP found.
Setting scan request: 5 sec 0 usec
Starting AP scan (broadcast SSID)
Scan timeout - try to get results
Received 854 bytes of scan results (4 BSSes)
Scan results: 4
Selecting BSS from priority group 0
0: 00:01:f4:44:9f:fb ssid='PoloInf' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN proto match
1: 00:01:f4:44:9d:74 ssid='PoloInf' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN proto match
2: 00:40:96:58:49:69 ssid='ERSUCAM' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
3: 00:40:96:5b:8b:43 ssid='tsunami-e' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
|
e continua così ....
1) E' possibile utilizzare un file .cert direttamente per ottenere un'autenticazione di tipo EAP-TLS ?
O devo trasformarlo in .pem in qualche modo ?
_________________
gentoo ... l'unico pinguino da corsa |
|
Forum italiano (Italian)
