 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Tue, Oct 07, 2003 at 09:09:46PM -0400, ron.peterson at yellowbank.com wrote: > On Tue, Oct 07, 2003 at 05:16:31PM -0400, josephc at etards.net wrote: > > > Does anyone have any experience or docs in setting up a RADIUS server to > > authenticate a host by it's MAC address? > > Yes. I've included a portion of the users file for cistron radius. > This configuration supports MAC based authentication for Lucent wireless > access points. Maybe others, but that's what I've tested. (Or is it > Orinoco? Or Agere? Or Proxim? Or Higgedly Piggedly? I forget.) So, I'm wondering why you would do this. I regard access points as insecure pieces of infrastructure, subject to frequent failure and replacement. Since all encryption has to be done through to the client anyway, why do [easily spoofable] [unnecessary] auth of the hardware itself? (One answer just occurred to me. Are you doing a single-sign-on for admin rights to the boxes? But it would be better to maintain a single logon for the box and only manage through scripts or SNMP...) -dsr-
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
