Wireless Authentication and Encryption with Zeroshell Linux - Page 2

Part 1: Zeroshell makes it easy to harness FreeRADIUS and other open source tools to secure your wireless network.

 By Carla Schroder
Page 2 of 2   |  Back to Page 1
Print Article

Continued from page 1

Create a New Certificate Authority

Go to Security -> X.509. Enter your information, then click Generate. This replaces the default CA, so you'll get a warning. Click OK. You should see something like Figure 1.

Figure 2. Click for a larger image.

Note the success messages at the bottom. Now go to the Groups page and add a new user group and GID, something novel like "users, 500". Then go to the Users page and create a new user. In the Username field enter the user's login; you'll enter their first and last names farther down. Fill in the rest of the blanks and save. A private key and X.509 certificate are automatically created for each user.

Now go to the Radius page. Enable the Radius server, then go to the Access Points tab and add an access point. The IP address of your access point must be in CIDR notation, for example (The /32 netmask equals a single address.) Then create a strong shared secret with a maximum lengths of 32 characters

Configuring the Access Point

The configuration interfaces vary with every access point, but you always need the same information:

  • RADIUS/Zeroshell server IP address
  • RADIUS/Zeroshell server port, default 1812
  • Shared Secret
  • Type of authentication, which is WPA2, sometimes called WPA Enterprise

Come back for part 2 to learn how to set up your wireless clients to authenticate to your new RADIUS server.


This article was originally published on May 6, 2008
Get the Latest Scoop with Networking Update Newsletter