[CentOS] RADIUS

Gordon Messmer gordon.messmer at gmail.com
Fri Feb 23 03:53:47 UTC 2018 

On 02/22/2018 03:22 AM, hw wrote:
> Gordon Messmer wrote:
>> Look for documentation on 802.11x authentication for the specific 
>> client you want to authenticate.
>
> Thanks, I figured it is what I might need to look into.  How about
> a client that uses PXE boot?

Provide PXE (dhcp, dns, tftp) on an unauthenticated VLAN.  Your original 
email suggested that you'd want users to auth before a system would 
boot, but that's probably not possible.  If you want to authenticate 
users via username and password using RADIUS, then there has to be an OS 
running to provide an interface in which they provide credentials.  It's 
not really clear how else you'd imagine that working.

>> WiFi is pretty straightforward.  You're probably accustomed to 
>> authenticating with WPA2 Personal.  With RADIUS, you'll use WPA2 
>> Enterprise.  Users will be asked for their RADIUS credentials when 
>> you select that  option.
>
> That seems neither useful, nor feasible for customers wanting to use the
> wireless network we would set up for them with their cell phones. Are
> cell phones even capable of this kind of authentication?

Well, I guess I'm confused because having explained where you'd find the 
interface in which users will provide their RADIUS username and 
password, you think this process is unfeasible.  Perhaps you could 
explain what you're looking for, more precisely?

>> Ethernet is fairly similar to WPA2 Enterprise for WiFi.  Under GNOME, 
>> for instance, you can open the Network configuration tool, click on 
>> the configuration gear for the wired connection, and then select the 
>> Security tab.  Tun on 802.1x Security, and then you'll have the 
>> option to select an authentication type that matches your switch and 
>> RADIUS configuration.  This will vary from client platform to client 
>> platform, but it's basically the same as WiFi authentication:
>
> I´m not using gnome; I recently tried it, and it´s totally bloated,
> yet doesn´t even have a usable window manager.

OK.  I'm not sure how your opinion of GNOME is really relevant.  I'm 
describing it because it's an example that's probably within reach for 
both you and me, given that you and I are communicating via a GNU/Linux 
focused mailing list.

I'm sorry my voluntary attempt to help you out wasn't to your liking.

More information about the CentOS mailing list