Linux Client Rechner

CentOS release 4.3 (Final)

Vorbereitungen

http://tldp.org/HOWTO/html_single/8021X-HOWTO/#xsupplicant

[root@localhost xsupplicant-1.2.6]# yum install gcc
[root@localhost xsupplicant-1.2.6]# yum install openssl-devel.i386
[root@localhost xsupplicant-1.2.6]# yum install byacc.i386
[root@localhost xsupplicant-1.2.6]# yum install flex.i386

[root@localhost ~]# wget http://heanet.dl.sourceforge.net/sourceforge/open1x/xsu
pplicant-1.2.6.tar.gz
--12:29:04--  http://heanet.dl.sourceforge.net/sourceforge/open1x/xsupplicant-1.
2.6.tar.gz
           => `xsupplicant-1.2.6.tar.gz'
Resolving heanet.dl.sourceforge.net... 193.1.193.66, 2001:770:18:aa40::c101:c142
Connecting to heanet.dl.sourceforge.net|193.1.193.66|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 829,378 (810K) [application/x-gzip]

100%[====================================>] 829,378      966.35K/s

12:29:05 (963.66 KB/s) - `xsupplicant-1.2.6.tar.gz' saved [829378/829378]

[root@localhost ~]# ls
anaconda-ks.cfg  install.log  install.log.syslog  xsupplicant-1.2.6.tar.gz
[root@localhost ~]# tar xzf xsupplicant-1.2.6.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg  install.log.syslog  xsupplicant-1.2.6.tar.gz
install.log      xsupplicant-1.2.6
[root@localhost ~]# cd xsupplicant-1.2.6
[root@localhost xsupplicant-1.2.6]# ls
aclocal.m4    configure     drivers     lib          mkinstalldirs
AUTHORS       configure.in  etc         LICENSE      README
CHANGELOG     COPYING       gui_tools   Makefile.am  src
config.guess  depcomp       INSTALL     Makefile.in  TODO
config.sub    doc           install-sh  missing      tools
[root@localhost xsupplicant-1.2.6]# ./configure --help
....
By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc.  You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=$HOME'.


  --sysconfdir=DIR       read-only single-machine data [PREFIX/etc]

[root@localhost xsupplicant-1.2.6]# mkdir /etc/open1x

[root@labadclient02 xsupplicant-1.0.1]#./configure --prefix=/usr --sysconfdir=/etc/open1x --mandir=/usr/share/man --infodir=/usr/share/info --localstatedir=/var
[root@labadclient02 xsupplicant-1.0.1]#make
[root@labadclient02 xsupplicant-1.0.1]#checkinstall

[root@labadclient02 xsupplicant-1.0.1]cp etc/*.conf /etc/open1x/

[root@labadclient02 open1x]#mkdir bin

Scripte

Konfigurationen

Tests

peap Authentication:

[root@labadclient02 open1x]# xsupplicant -c /etc/open1x/peap.conf -i eth0 -d 6
network_list: all
Default network: "default"
Startup command: "/etc/open1x/bin/startup.sh"
First_Auth command: "/etc/open1x/bin/startup2.sh"
Reauth command: "echo "authenticated user %i""
Logfile: "/var/log/xsupplicant.log"
allow_interface_list: "eth0"
deny_interface_list: "eth1"
Allow Type: PEAP
ID: "m1k3"
peap root_cert: "NONE"
peap chunk: 1398
peap rand: "/dev/urandom"
Session Resumption = YES
PEAP Allow Types: ALL
mschapv2 username: "m1k3"
mschapv2 password: "m1k3"
dhclient: no process killed
Starting startup.sh
shut down interface eth0
killing the DHCP-client
starting interface eth0
Finished startup.sh
Starting startup2.sh
Internet Systems Consortium DHCP Client V3.0.1
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP

Listening on LPF/eth0/00:07:e9:d5:1d:ea
Sending on   LPF/eth0/00:07:e9:d5:1d:ea
Sending on   Socket/fallback
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPACK from 141.201.43.10
bound to 141.201.43.24 -- renewal in 353192 seconds.
Finished startup2.sh

xsupplicant log output
Freeradius logging bei peap Authentifizierung

MD5 Authentication - BROKEN:

MD5 Authentication kann nicht verwendet werden da alle Passwörter im Active Directory in Plain Text vorliegen müssten!

[root@labadclient02 open1x]# xsupplicant -c /etc/open1x/md5.conf -i eth0 -d 6
network_list: all
Default network: "default"
Startup command: "/etc/open1x/bin/startup.sh"
First_Auth command: "/etc/open1x/bin/startup2.sh"
Reauth command: "echo "authenticated user %i""
Logfile: "/var/log/xsupplicant.log"
allow_interface_list: "eth0"
deny_interface_list: "eth1"
Allow Types: ALL
ID: "m1k3"
md5 username: "m1k3"
md5 password: "m1k3"
Starting startup.sh
shut down interface eth0
killing the DHCP-client
dhclient: no process killed
starting interface eth0
Finished startup.sh
Starting startup2.sh
Internet Systems Consortium DHCP Client V3.0.1
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP

Listening on LPF/eth0/00:07:e9:d5:1d:ea
Sending on   LPF/eth0/00:07:e9:d5:1d:ea
Sending on   Socket/fallback
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPACK from 141.201.43.10
bound to 141.201.43.24 -- renewal in 375226 seconds.
Finished startup2.sh
"authenticated user eth0"

xsupplicant log output - MD5
Freeradius logging bei MD5 Authentifizierung

Debian testing

23:41:20 m1k3INTERN /home/micmes [root]apt-cache search xsupplicant
xsupplicant - 802.1x and 802.11i supplicant (client)
23:41:26 m1k3INTERN /home/micmes [root]apt-get install xsupplicant
...

 
client_linux.txt · Last modified: 2009/09/13 17:39 (external edit)
 
Except where otherwise noted, content on this wiki is licensed under the following license:CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki