FreeRadius EAP-TLS configuration

From Alpine Linux
Revision as of 11:43, 12 July 2015 by Sillysausage (talk | contribs) (Created page with "= Introduction = A more secure way than using pre-shared keys (WPA2) is to use [https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol#EAP-TLS EAP-TLS] and use separ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Introduction

A more secure way than using pre-shared keys (WPA2) is to use EAP-TLS and use separate certificates for each device. In the previous tutorial Linux Router with VPN on a Raspberry Pi I mentioned I'd be doing this with a (Ubiquiti UniFi AP). I have tested this with two phones running CyanogenMod 11 (Android 4.4.4).

Installation

Install freeradius and haveged. You'll need haveged to increase randomness of /dev/random Entropy and randomness

apk add freeradius freeradius-eap haveged

References

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=FreeRadius_EAP-TLS_configuration&oldid=11051"