On Mon, Apr 26, 2010 at 07:01:03PM +0100, Ben Thompson wrote:
On Mon, Apr 26, 2010 at 07:26:48PM +0200, Esben Damgaard wrote:
Ben Thompson skrev:
Hi
Does/will it support WPA-Enterprise?
Currently it does not, but it could be added. If you can show me the
output of 'iwlist scan' (from the Neo) near a wpa-enterprise network
and tell me what information is needed to log in, maybe I can make
it.
Hi
There are a few different ways to do it because although you can get
connected with just a username and password, there are also optional
parameters for wpa_supplicant which force it not just to connect but
also verify the identity of the network. I have my own ideas about
how this should work, but probably the most basic way would be to also
have an option to select a certificate from /etc/ssl/certs. Please let
me know if you want my input and I will give you all the help I can.
Further to my previous email, could I make the following suugestions
on how to implement WPA-Enterprise in a simple way :-
GUI Requirements :-
User scans for networks and selects an SSID shown as WPA-Enterprise.
Setup screen is shown with three mandatory fields
a) Username - text entry from keyboard
b) Password - text entry from keyboard
c) Server Certificate - drop down list which selects .pem or .der files from ~/.wifi_certs/
and /etc/ssl/certs/ and also includes a option labelled "Send my password to anyone (insecure!)"
WPA Supplicant config :-
If the user selects "Send my password to anyone (insecure!)",
wpa_supplicant config is as follows :-
I think this would work for 99% of the networks out there. If anyone
needs to use a self signed cert they can put it in ~/wifi_certs.
Other protocols such as TTLS or TLS could be added later as could
things like CN check if they are deemed necesarry.
From mail correspondence:
On Mon, Apr 26, 2010 at 07:01:03PM +0100, Ben Thompson wrote:
Hi
Further to my previous email, could I make the following suugestions on how to implement WPA-Enterprise in a simple way :-
GUI Requirements :-
WPA Supplicant config :-
If the user selects "Send my password to anyone (insecure!)", wpa_supplicant config is as follows :-
If the user selects a cert from /etc/ssl/certs wpa_supplicant config is as follows :-
I think this would work for 99% of the networks out there. If anyone needs to use a self signed cert they can put it in ~/wifi_certs. Other protocols such as TTLS or TLS could be added later as could things like CN check if they are deemed necesarry.
Ben