1
edit
LDAP: Difference between revisions
From London Hackspace Wiki
no edit summary
No edit summary |
|||
| Line 71: | Line 71: | ||
(you'll need to be on Debian release jessie, or something else with a fairly modern version of ssh). | (you'll need to be on Debian release jessie, or something else with a fairly modern version of ssh). | ||
=== Example configuration === | |||
Tested by esotericnonsense on 2018-11-17 at Ujima House. | |||
Add the following to wpa_supplicant.conf: | |||
<nowiki> | |||
network={ | |||
ssid="spacenet" | |||
identity="$YOUR_LDAP_USERNAME@london.hackspace.org.uk" | |||
anonymous_identity="anonymous@london.hackspace.org.uk" | |||
domain_match="spacefed.london.hackspace.org.uk" | |||
password="$YOUR_LDAP_NTLM_PASSWORD" | |||
eap=TTLS | |||
key_mgmt=WPA-EAP | |||
phase2="auth=PAP" | |||
}</nowiki> | |||
Note that the domain_match option is _important_. Without it, someone could spoof a RADIUS server and your password could be acquired by them. | |||
