Difference between revisions of "Spacenet"

From Hackerspace ACKspace
Jump to: navigation, search
(EAP-MSCHAPv2)
Line 67: Line 67:
 
** Do NOT use windows logon name and password (will probably not work for you)
 
** Do NOT use windows logon name and password (will probably not work for you)
 
* Use user authentication
 
* Use user authentication
** Save credentials: user@realm.tld with your password
+
** Save credentials: user@ackspace.nl with your password
  
  

Revision as of 18:04, 21 April 2012

We haz spacenet.


http://spacefed.net/wiki/index.php/Spacenet

4 Linux :



Copy & Paste this txt below into a file and name it ackspace.pem

Put it in your own home folder.


-----BEGIN CERTIFICATE-----
MIICvDCCAaQCCQCxaXLQG5/vsTANBgkqhkiG9w0BAQUFADAgMR4wHAYDVQQDExVy
YWRpdXMuYWNrc3BhY2UubG9jYWwwHhcNMTExMTIxMjAwMjI1WhcNMjExMTE4MjAw
MjI1WjAgMR4wHAYDVQQDExVyYWRpdXMuYWNrc3BhY2UubG9jYWwwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0bIFcc/ChNW2WQScUimA0Rb+FqgqiBRUD
YVp41JVG2LZG6UWorYIk6Sm3nM5ysB3DyPOi6TQVscntO7xtb9IINELjPdPNpKBW
h44XHvxL2jlBGy1NfFIr8et7PPkU/OyeneL4Rx+eYB/X084vqw9iRQTmbrEnJP2s
a8iWxFcUZehJ+0TFDhOj44iTfGaF6x1J1UzaEy4N3etxwRjEHF4SnsVB/WndQrVR
gRVTfi42n5vMaXDuTt/VvcWRM07W9kuTJQecgXdik38eXFQ+bNqAWaqM3WA1y/Un
SNWHK4ikZdrvDjZceC6HEc7AjcXD3y2DyzkmgyZSTNyMj+YMCSd3AgMBAAEwDQYJ
KoZIhvcNAQEFBQADggEBAGIfSDy1ZbI+ULiZLDbOxUzI6jdSvwVk2ZdYj4WHdCNc
rOoRTvUr1UQMFdBwjmvIesQDXWNSRpb5FQxRG7XWBEH5EbEHTPrgM3tB41m0/L5/
S8lguvTWyDLiUA3du7HSke5RI4YRjBwFyjDB4HmL3QUmbx5O9EZ6bKDQZ8hWx4of
19Rz/ESV8j8K57LyX09EIqNap0h9H4D99KFTuITRZCQCkz5QX//JQvvCI9+SOSme
IT6xYVaF+vdaRSOZR7YJqt4ILAQR8hOUr8dBoHP57lOoC/cWkZtsS5YnjF1PvKbK
S49zoEg+BUz+iIl2vQgH/+LGQeJG3XaotKes+QBwfoM=
-----END CERTIFICATE-----





Linux WIFI settings :

Wireless security : WPA & WPA2 Enterprise

Authentication : Protected EAP (PEAP)

Anonymous identity : <leeg>

CA certificate : ackspace.pem

PEAP version : automatic Inner

Authentication : MSCHAPv2

Username : <user>@ackspace.nl

Password : <password>





Windows 7

Windows 7 will either support EAP-MSCHAPv2 (username/password) or EAP-TLS (certificates) out-of-the-box.

You should manually create a wireless network under "Manage wireless networks".

Depending on the configuration of your home-RADIUS you should either choose EAP-MSCHAPv2 or EAP-TLS.

EAP-MSCHAPv2

  • SSID: spacenet
  • Security type: WPA2-Enterprise
  • Encryption type: AES
  • Authentication: Microsoft: Protected EAP (PEAP)
  • Validate server certificate (good practice)
    • Connect to these servers: common-name of the certificate installed on your RADIUS server
    • Trusted root certification authorities: select the CA which signed the certificate installed on your RADIUS server
  • Authentication method: secured passwords (EAP-MSCHAP v2)
    • Do NOT use windows logon name and password (will probably not work for you)
  • Use user authentication
    • Save credentials: user@ackspace.nl with your password


Windows mschap 1.png

Windows mschap 2.png

Windows mschap 3.png

Windows mschap 4.png

Windows mschap 5.png

EAP-TLS

  • Make sure your device has a client certificate issued by your PKI
  • SSID: spacenet
  • Security type: WPA2-Enterprise
  • Encryption type: AES
  • Authentication: Microsoft: Smart Card or other certificate
  • Validate server certificate (good practice)
    • Connect to these servers: common-name of the certificate installed on your RADIUS server
    • Trusted root certification authorities: select the CA which signed the certificate installed on your RADIUS server


Windows tls 1.png

Windows tls 2.png



Info voor psy :


/etc/freeradius/users

www.insidepro.com/hashes.php

NTLM