Re: FC5, NetworkManager, Client Certificates



The EAP configs in Network-Manager map to the same in WPA_Supplicant
so man wpa_supplicant.conf would provide some information.
Additionally Network-Manager isn't doing anything unusual or special
so specific documentation regarding the various EAP wouldn't really be
exceptionally helpful except in cases where the field names chosen
don't correspond to what other supplicants have chosen but in my
experience they match in most cases.  I was able to configure PEAP on
Network Manager as easily as I configured it on Odyssey and I suspect
that in enterprise deployments the admins will document this all for
the users and not require them to guess at the fields.

To answer your specific questions, I assume that you are using EAP-TLS.
When you generate a cert for a user you generate a public and private
key.  The cert itself is the public key (the pem file).  The Private
key password is only needed if you created the private key with a
password or passphrase (This is recommended by the way so the loss of
the private key doesn't compromise anything else).  So you need the
private key, but not necessarily the passphrase.  The private key is
used to encrypt the data and the public key is passed to the server so
that it can use it to decrypt the data.  The reason you don't need the
private key on Windows is because that key is stored within the
Windows certificate store.  If you need more background on that
specific area there is a wealth of information available on PKI and I
can provide you with some great links.

From then on the transaction occurs just like any other PKI
transaction: the private key is used to encrypt the data and the
public key is exchanged between the two to decrypt the data.  This
connection is used to exchange dynamic WEP or WPA keys and the
Wireless connection is brought up.

Does that help answer your question?

On 8/26/06, Nolan Garrett <nolan massivegeek com> wrote:
Nolan Garrett wrote:
> Hello!
>
> I am running FC5, and NetworkManager on the IPW2200 drivers (2915 card,
> actually).
>
> My wireless network uses client certificates, where it authenticates
> through the AP using EAP to a W2K3 DC.  Each user has a certificate.  I
> am encrypting with TKIP.
>
> How can I get NetworkManager to work?  I've given it the certificate,
> but I don't necessarily understand what all of the fields do for WPA
> Enterprise mode.  What's the difference between Client Certificate and
> Private Key?
>
> Any tips on setting this up would be great!
>
> Thanks!
>
> Nolan
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list

Has no one attempted 802.1x authentication via wireless with
NetworkManager?  Or am I just too dumb to make it work?  Even a
reference to a page describing how to would be fine - I just can't
Google anything.

Nolan
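
Added example, not part of the original message and not NetworkManager or wpa_supplicant code: a small check that tells a client certificate from a private key by its PEM header, decides whether a passphrase is needed, and writes the matching EAP-TLS block using the wpa_supplicant.conf field names the reply points to. The function names, file paths, SSID and identity are hypothetical, and the PEM samples are constructed placeholders.

```python
import re

# Matches one PEM block and captures its label and body.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

# Constructed placeholders: real PEM headers, dummy bodies (not usable keys).
CERT = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"
PLAIN_KEY = "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n"
ENC_KEY = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
           "DEK-Info: AES-256-CBC,00\n\nAAAA\n-----END RSA PRIVATE KEY-----\n")

def classify_pem(text):
    """Return (has_cert, has_key, key_encrypted) for PEM text."""
    has_cert = has_key = encrypted = False
    for label, body in PEM_BLOCK.findall(text):
        if label == "CERTIFICATE":
            has_cert = True
        elif label.endswith("PRIVATE KEY"):
            has_key = True
            # PKCS#8 encrypted keys say so in the label; traditional
            # OpenSSL keys carry a Proc-Type header inside the block.
            if (label == "ENCRYPTED PRIVATE KEY"
                    or "Proc-Type: 4,ENCRYPTED" in body):
                encrypted = True
    return has_cert, has_key, encrypted

def eap_tls_block(ssid, identity, ca_path, cert_path, cert_pem,
                  key_path, key_pem, passphrase=None):
    """Build a wpa_supplicant.conf network block for EAP-TLS."""
    if not classify_pem(cert_pem)[0]:
        raise ValueError("client certificate file has no CERTIFICATE block")
    _, has_key, encrypted = classify_pem(key_pem)
    if not has_key:
        raise ValueError("private key file has no PRIVATE KEY block")
    if encrypted and not passphrase:
        raise ValueError("private key is encrypted; passphrase required")
    lines = ["network={", f'    ssid="{ssid}"', "    key_mgmt=WPA-EAP",
             "    eap=TLS", f'    identity="{identity}"',
             f'    ca_cert="{ca_path}"',          # used to verify the server
             f'    client_cert="{cert_path}"',    # "Client Certificate" field
             f'    private_key="{key_path}"']     # "Private Key" field
    if encrypted:
        lines.append(f'    private_key_passwd="{passphrase}"')
    return "\n".join(lines + ["}"])
```

wpa_supplicant reads private_key_passwd as clear text, so a file containing it should be readable by root only.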


