Wireless Authentication and Encryption with Zeroshell Linux - Page 2

By Carla Schroder | Posted May 5, 2008
Page 2 of 2   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Continued from page 1

Create a New Certificate Authority

Go to Security -> X.509. Enter your information, then click Generate. This replaces the default CA, so you'll get a warning. Click OK. You should see something like Figure 1.


Figure 2. Click for a larger image.

Note the success messages at the bottom. Now go to the Groups page and add a new user group and GID, something novel like "users, 500". Then go to the Users page and create a new user. In the Username field enter the user's login; you'll enter their first and last names farther down. Fill in the rest of the blanks and save. A private key and X.509 certificate are automatically created for each user.

Now go to the Radius page. Enable the Radius server, then go to the Access Points tab and add an access point. The IP address of your access point must be in CIDR notation, for example 172.16.10.101/32. (The /32 netmask equals a single address.) Then create a strong shared secret with a maximum lengths of 32 characters

Configuring the Access Point

The configuration interfaces vary with every access point, but you always need the same information:

  • RADIUS/Zeroshell server IP address
  • RADIUS/Zeroshell server port, default 1812
  • Shared Secret
  • Type of authentication, which is WPA2, sometimes called WPA Enterprise

Come back for part 2 to learn how to set up your wireless clients to authenticate to your new RADIUS server.

Resources

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter