The translation is temporarily closed for contributions due to maintenance, please come back later.

Source string Read only

(itstool) path: callout/para
Context English State
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym>.
The <literal>ca_cert</literal> field indicates the pathname of the <acronym>CA</acronym> certificate file. This file is needed to verify the server certificate.
The <literal>client_cert</literal> line gives the pathname to the client certificate file. This certificate is unique to each wireless client of the network.
The <literal>private_key</literal> field is the pathname to the client certificate private key file.
The <literal>private_key_passwd</literal> field contains the passphrase for the private key.
Then, add the following lines to <filename>/etc/rc.conf</filename>:
The next step is to bring up the interface:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
It is also possible to bring up the interface manually using <citerefentry><refentrytitle>wpa_supplicant</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
<acronym>WPA</acronym> with <acronym>EAP-TTLS</acronym>
With <acronym>EAP-TLS</acronym>, both the authentication server and the client need a certificate. With <acronym>EAP-TTLS</acronym>, a client certificate is optional. This method is similar to a web server which creates a secure <acronym>SSL</acronym> tunnel even if visitors do not have client-side certificates. <acronym>EAP-TTLS</acronym> uses an encrypted <acronym>TLS</acronym> tunnel for safe transport of the authentication data.
The required configuration can be added to <filename>/etc/wpa_supplicant.conf</filename>:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=TTLS <co xml:id="co-ttls-eap"/>
identity="test" <co xml:id="co-ttls-id"/>
password="test" <co xml:id="co-ttls-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/>
phase2="auth=MD5" <co xml:id="co-ttls-pha2"/>
}
This field specifies the <acronym>EAP</acronym> method for the connection.
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym> authentication inside the encrypted <acronym>TLS</acronym> tunnel.
The <literal>password</literal> field contains the passphrase for the <acronym>EAP</acronym> authentication.
This field specifies the authentication method used in the encrypted <acronym>TLS</acronym> tunnel. In this example, <acronym>EAP</acronym> with MD5-Challenge is used. The <quote>inner authentication</quote> phase is often called <quote>phase2</quote>.
Next, add the following lines to <filename>/etc/rc.conf</filename>:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<acronym>WPA</acronym> with <acronym>EAP-PEAP</acronym>
<acronym>PEAPv0/EAP-MSCHAPv2</acronym> is the most common <acronym>PEAP</acronym> method. In this chapter, the term <acronym>PEAP</acronym> is used to refer to that method.
Protected EAP (<acronym>PEAP</acronym>) is designed as an alternative to <acronym>EAP-TTLS</acronym> and is the most used <acronym>EAP</acronym> standard after <acronym>EAP-TLS</acronym>. In a network with mixed operating systems, <acronym>PEAP</acronym> should be the most supported standard after <acronym>EAP-TLS</acronym>.
<acronym>PEAP</acronym> is similar to <acronym>EAP-TTLS</acronym> as it uses a server-side certificate to authenticate clients by creating an encrypted <acronym>TLS</acronym> tunnel between the client and the authentication server, which protects the ensuing exchange of authentication information. <acronym>PEAP</acronym> authentication differs from <acronym>EAP-TTLS</acronym> as it broadcasts the username in the clear and only the password is sent in the encrypted <acronym>TLS</acronym> tunnel. <acronym>EAP-TTLS</acronym> will use the <acronym>TLS</acronym> tunnel for both the username and password.
Add the following lines to <filename>/etc/wpa_supplicant.conf</filename> to configure the <acronym>EAP-PEAP</acronym> related settings:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=PEAP <co xml:id="co-peap-eap"/>
identity="test" <co xml:id="co-peap-id"/>
password="test" <co xml:id="co-peap-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-peap-cacert"/>
phase1="peaplabel=0" <co xml:id="co-peap-pha1"/>
phase2="auth=MSCHAPV2" <co xml:id="co-peap-pha2"/>
}
This field contains the parameters for the first phase of authentication, the <acronym>TLS</acronym> tunnel. According to the authentication server used, specify a specific label for authentication. Most of the time, the label will be <quote>client <acronym>EAP</acronym> encryption</quote> which is set by using <literal>peaplabel=0</literal>. More information can be found in <citerefentry><refentrytitle>wpa_supplicant.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
This field specifies the authentication protocol used in the encrypted <acronym>TLS</acronym> tunnel. In the case of <acronym>PEAP</acronym>, it is <literal>auth=MSCHAPV2</literal>.
<acronym>WEP</acronym>
Wired Equivalent Privacy (<acronym>WEP</acronym>) is part of the original 802.11 standard. There is no authentication mechanism, only a weak form of access control which is easily cracked.
<acronym>WEP</acronym> can be set up using <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>:
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> create wlandev <replaceable>ath0</replaceable></userinput>
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> inet <replaceable>192.168.1.100</replaceable> netmask <replaceable>255.255.255.0</replaceable> \
ssid <replaceable>my_net</replaceable> wepmode on weptxkey <replaceable>3</replaceable> wepkey <replaceable>3:0x3456789012</replaceable></userinput>

Loading…

No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

Following checks are failing:
XML markup: Chinese (Simplified) (zh_CN)
Has been translated: Turkish (tr_TR)

Reset

Source information

Source string comment
(itstool) path: callout/para
Flags
read-only
Source string location
book.translate.xml:65535
String age
a year ago
Source string age
a year ago
Translation file
books/handbook.pot, string 10738