EAP-TLS RADIUS login for local user authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We have an existing application (written in Python) which uses RADIUS for user authentication. To satisfy security/crypto requirements, we are requested to use EAP-TLS via RADIUS because plain RADIUS is not sufficiently secure.

I have compiled 'wpa_supplicant' with the hope that this would do what is needed, but it seems to only do half of what is needed (the EAP-TLS login/session part).

In order to satisfy the requirement, it appears that 'hostapd' needs to be added like this:

  RADIUS Server <--> hostapd <--> wpa_supplicant <--> LOGIN App

It appears that with some work, a local client app can use wpa_supplicant to produce the EAP-TLS login session.

Hostapd responds to EAP-TLS login sessions by creating a RADIUS session.

The underlying body of code in 'hostapd' and 'wpa_supplicant' is identical. The problem is that neither application seems to have considered this possible requirement.

Is there something I am not aware of which is better than attempting to run 'hostapd' and 'wpa_supplicant' on the same system to support user authentication?

Is there an example application for initating a local authentication via 'wpa_supplicant'?

Bob
--
Bob Friesenhahn
bfriesen@xxxxxxxxxxxxxxxxxxx, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
Public Key,     http://www.simplesystems.org/users/bfriesen/public-key.txt

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux