The translation is temporarily closed for contributions due to maintenance, please come back later.

Source string Read only

(itstool) path: sect5/screen
Context English State
The <literal>private_key</literal> field is the pathname to the client certificate private key file.
The <literal>private_key_passwd</literal> field contains the passphrase for the private key.
Then, add the following lines to <filename>/etc/rc.conf</filename>:
The next step is to bring up the interface:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
It is also possible to bring up the interface manually using <citerefentry><refentrytitle>wpa_supplicant</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
<acronym>WPA</acronym> with <acronym>EAP-TTLS</acronym>
With <acronym>EAP-TLS</acronym>, both the authentication server and the client need a certificate. With <acronym>EAP-TTLS</acronym>, a client certificate is optional. This method is similar to a web server which creates a secure <acronym>SSL</acronym> tunnel even if visitors do not have client-side certificates. <acronym>EAP-TTLS</acronym> uses an encrypted <acronym>TLS</acronym> tunnel for safe transport of the authentication data.
The required configuration can be added to <filename>/etc/wpa_supplicant.conf</filename>:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=TTLS <co xml:id="co-ttls-eap"/>
identity="test" <co xml:id="co-ttls-id"/>
password="test" <co xml:id="co-ttls-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/>
phase2="auth=MD5" <co xml:id="co-ttls-pha2"/>
}
This field specifies the <acronym>EAP</acronym> method for the connection.
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym> authentication inside the encrypted <acronym>TLS</acronym> tunnel.
The <literal>password</literal> field contains the passphrase for the <acronym>EAP</acronym> authentication.
This field specifies the authentication method used in the encrypted <acronym>TLS</acronym> tunnel. In this example, <acronym>EAP</acronym> with MD5-Challenge is used. The <quote>inner authentication</quote> phase is often called <quote>phase2</quote>.
Next, add the following lines to <filename>/etc/rc.conf</filename>:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<acronym>WPA</acronym> with <acronym>EAP-PEAP</acronym>
<acronym>PEAPv0/EAP-MSCHAPv2</acronym> is the most common <acronym>PEAP</acronym> method. In this chapter, the term <acronym>PEAP</acronym> is used to refer to that method.
Protected EAP (<acronym>PEAP</acronym>) is designed as an alternative to <acronym>EAP-TTLS</acronym> and is the most used <acronym>EAP</acronym> standard after <acronym>EAP-TLS</acronym>. In a network with mixed operating systems, <acronym>PEAP</acronym> should be the most supported standard after <acronym>EAP-TLS</acronym>.
<acronym>PEAP</acronym> is similar to <acronym>EAP-TTLS</acronym> as it uses a server-side certificate to authenticate clients by creating an encrypted <acronym>TLS</acronym> tunnel between the client and the authentication server, which protects the ensuing exchange of authentication information. <acronym>PEAP</acronym> authentication differs from <acronym>EAP-TTLS</acronym> as it broadcasts the username in the clear and only the password is sent in the encrypted <acronym>TLS</acronym> tunnel. <acronym>EAP-TTLS</acronym> will use the <acronym>TLS</acronym> tunnel for both the username and password.
Add the following lines to <filename>/etc/wpa_supplicant.conf</filename> to configure the <acronym>EAP-PEAP</acronym> related settings:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=PEAP <co xml:id="co-peap-eap"/>
identity="test" <co xml:id="co-peap-id"/>
password="test" <co xml:id="co-peap-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-peap-cacert"/>
phase1="peaplabel=0" <co xml:id="co-peap-pha1"/>
phase2="auth=MSCHAPV2" <co xml:id="co-peap-pha2"/>
}
This field contains the parameters for the first phase of authentication, the <acronym>TLS</acronym> tunnel. According to the authentication server used, specify a specific label for authentication. Most of the time, the label will be <quote>client <acronym>EAP</acronym> encryption</quote> which is set by using <literal>peaplabel=0</literal>. More information can be found in <citerefentry><refentrytitle>wpa_supplicant.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
This field specifies the authentication protocol used in the encrypted <acronym>TLS</acronym> tunnel. In the case of <acronym>PEAP</acronym>, it is <literal>auth=MSCHAPV2</literal>.
<acronym>WEP</acronym>
Wired Equivalent Privacy (<acronym>WEP</acronym>) is part of the original 802.11 standard. There is no authentication mechanism, only a weak form of access control which is easily cracked.
<acronym>WEP</acronym> can be set up using <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>:
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> create wlandev <replaceable>ath0</replaceable></userinput>
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> inet <replaceable>192.168.1.100</replaceable> netmask <replaceable>255.255.255.0</replaceable> \
ssid <replaceable>my_net</replaceable> wepmode on weptxkey <replaceable>3</replaceable> wepkey <replaceable>3:0x3456789012</replaceable></userinput>
The <literal>weptxkey</literal> specifies which <acronym>WEP</acronym> key will be used in the transmission. This example uses the third key. This must match the setting on the access point. When unsure which key is used by the access point, try <literal>1</literal> (the first key) for this value.
The <literal>wepkey</literal> selects one of the <acronym>WEP</acronym> keys. It should be in the format <replaceable>index:key</replaceable>. Key <literal>1</literal> is used by default; the index only needs to be set when using a key other than the first key.
Replace the <literal>0x3456789012</literal> with the key configured for use on the access point.

Loading…

No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

Following checks are failing:
Unchanged translation: Chinese (Simplified) (zh_CN), Turkish (tr_TR), Portuguese (Brazil)

Reset

Source information

Source string comment
(itstool) path: sect5/screen
Flags
no-wrap, read-only
Source string location
book.translate.xml:65535
String age
a year ago
Source string age
a year ago
Translation file
books/handbook.pot, string 10741