Translation

(itstool) path: sect5/para
Then, add the following lines to <filename>/etc/rc.conf</filename>:
82/670
Context English Turkish (tr_TR) State
<acronym>WPA</acronym> with <acronym>EAP-TLS</acronym> <acronym>WPA</acronym> ile <acronym>EAP-TLS</acronym>
The second way to use <acronym>WPA</acronym> is with an 802.1X backend authentication server. In this case, <acronym>WPA</acronym> is called <acronym>WPA</acronym> Enterprise to differentiate it from the less secure <acronym>WPA</acronym> Personal. Authentication in <acronym>WPA</acronym> Enterprise is based on the Extensible Authentication Protocol (<acronym>EAP</acronym>). <acronym> WPA </acronym> 'ı kullanmanın ikinci yolu 802.1X arka uç kimlik doğrulama sunucusudur. Bu durumda, onu daha az güvenli olan <acronym> WPA </acronym> Personal'dan ayırmak için <acronym> WPA </acronym> <acronym> WPA </acronym> girişim olarak adlandırılır. <acronym> WPA </acronym> girişim içindeki kimlik doğrulama, Genişletilebilir Kimlik Doğrulama Protokolü'ne (<acronym> EAP </acronym>) dayanır
<acronym>EAP</acronym> does not come with an encryption method. Instead, <acronym>EAP</acronym> is embedded inside an encrypted tunnel. There are many <acronym>EAP</acronym> authentication methods, but <acronym>EAP-TLS</acronym>, <acronym>EAP-TTLS</acronym>, and <acronym>EAP-PEAP</acronym> are the most common. <acronym> EAP </acronym> bir şifreleme yöntemiyle gelmez. Bunun yerine, <acronym> EAP </acronym> şifreli bir tünelin içine yerleştirilir. Birçok <acronym> EAP </acronym> kimlik doğrulama yöntemi vardır, ancak <acronym> EAP-TLS </acronym>, <acronym> EAP-TTLS </acronym> ve <acronym> EAP-PEAP </acronym> en yaygın.
EAP with Transport Layer Security (<acronym>EAP-TLS</acronym>) is a well-supported wireless authentication protocol since it was the first <acronym>EAP</acronym> method to be certified by the <link xlink:href="http://www.wi-fi.org/">Wi-Fi Alliance</link>. <acronym>EAP-TLS</acronym> requires three certificates to run: the certificate of the Certificate Authority (<acronym>CA</acronym>) installed on all machines, the server certificate for the authentication server, and one client certificate for each wireless client. In this <acronym>EAP</acronym> method, both the authentication server and wireless client authenticate each other by presenting their respective certificates, and then verify that these certificates were signed by the organization's <acronym>CA</acronym>. Aktarım Katmanı Güvenliği ile EAP (<acronym> EAP-TLS </acronym>), <link xlink: href = tarafından onaylanan ilk <acronym> EAP </acronym> yöntemi olduğundan iyi desteklenen bir kablosuz kimlik doğrulama protokolüdür. "http://www.wi-fi.org/">WiFi İttifakı </link>. <acronym> EAP-TLS </acronym> çalıştırmak için üç sertifika gerektirir: tüm makinelerde yüklü Sertifika Yetkilisi (<acronym> CA </acronym>), kimlik doğrulama sunucusu için sunucu sertifikası ve her kablosuz istemci. Bu <acronym> EAP </acronym> yönteminde, hem kimlik doğrulama sunucusu hem de kablosuz istemci, ilgili sertifikalarını sunarak birbirlerinin kimliğini doğrular ve ardından bu sertifikaların kuruluşun <acronym> CA </acronym> tarafından imzalandığını doğrular.
As previously, the configuration is done via <filename>/etc/wpa_supplicant.conf</filename>: Daha önce olduğu gibi, yapılandırma <filename> /etc/wpa_supplicant.conf </filename> ile yapılır:
network={
ssid="freebsdap" <co xml:id="co-tls-ssid"/>
proto=RSN <co xml:id="co-tls-proto"/>
key_mgmt=WPA-EAP <co xml:id="co-tls-kmgmt"/>
eap=TLS <co xml:id="co-tls-eap"/>
identity="loader" <co xml:id="co-tls-id"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-tls-cacert"/>
client_cert="/etc/certs/clientcert.pem" <co xml:id="co-tls-clientcert"/>
private_key="/etc/certs/clientkey.pem" <co xml:id="co-tls-pkey"/>
private_key_passwd="freebsdmallclient" <co xml:id="co-tls-pwd"/>
}
network={
ssid="freebsdap" <co xml:id="co-tls-ssid"/>
proto=RSN <co xml:id="co-tls-proto"/>
key_mgmt=WPA-EAP <co xml:id="co-tls-kmgmt"/>
eap=TLS <co xml:id="co-tls-eap"/>
identity="loader" <co xml:id="co-tls-id"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-tls-cacert"/>
client_cert="/etc/certs/clientcert.pem" <co xml:id="co-tls-clientcert"/>
private_key="/etc/certs/clientkey.pem" <co xml:id="co-tls-pkey"/>
private_key_passwd="freebsdmallclient" <co xml:id="co-tls-pwd"/>
}
This field indicates the network name (<acronym>SSID</acronym>). Bu alan ağ adını gösterir (<acronym> SSID </acronym>).
This example uses the <acronym>RSN</acronym> <trademark class="registered">IEEE</trademark> 802.11i protocol, also known as <acronym>WPA2</acronym>. Bu örnekte, <acronym> WPA2 </acronym> olarak da bilinen <acronym> RSN </acronym> <trademark class = "kayıtlı"> IEEE </trademark> 802.11i protokolü kullanılmaktadır.
The <literal>key_mgmt</literal> line refers to the key management protocol to use. In this example, it is <acronym>WPA</acronym> using <acronym>EAP</acronym> authentication. <literal> key_mgmt </literal> satırı, kullanılacak anahtar yönetimi protokolünü ifade eder. Bu örnekte, <acronym> EAP </acronym> kimlik doğrulaması kullanılarak <acronym> WPA </acronym> kullanılır.
This field indicates the <acronym>EAP</acronym> method for the connection. Bu alan bağlantı için <acronym> EAP </acronym> yöntemini gösterir.
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym>. <literal> kimlik </literal> alanı, <acronym> EAP </acronym> için kimlik dizesini içerir.
The <literal>ca_cert</literal> field indicates the pathname of the <acronym>CA</acronym> certificate file. This file is needed to verify the server certificate. <literal> ca_cert </literal> alanı, <acronym> CA </acronym> sertifika dosyasının yol adını belirtir. Bu dosya, sunucu sertifikasını doğrulamak için gereklidir.
The <literal>client_cert</literal> line gives the pathname to the client certificate file. This certificate is unique to each wireless client of the network. The <literal>client_cert</literal> line gives the pathname to the client certificate file. This certificate is unique to each wireless client of the network.
The <literal>private_key</literal> field is the pathname to the client certificate private key file. The <literal>private_key</literal> field is the pathname to the client certificate private key file.
The <literal>private_key_passwd</literal> field contains the passphrase for the private key. <literal> private_key_passwd </literal> alanı, özel anahtarın parolasını içerir.
Then, add the following lines to <filename>/etc/rc.conf</filename>: Ardından, <filename> /etc/rc.conf </filename> öğesine aşağıdaki satırları ekleyin:
The next step is to bring up the interface: Bir sonraki adım arayüzü açmaktır:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
It is also possible to bring up the interface manually using <citerefentry><refentrytitle>wpa_supplicant</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>. Arabirimi <citerefentry><refentrytitle>wpa_supplicant</refentrytitle><manvolnum>8</manvolnum> </citerefentry> ve <citerefentry><refentrytitle>ifconfig</refentry> 8 < </ manvolnum> </ citerefentry>.
<acronym>WPA</acronym> with <acronym>EAP-TTLS</acronym> <acronym>WPA</acronym> with <acronym>EAP-TTLS</acronym>
With <acronym>EAP-TLS</acronym>, both the authentication server and the client need a certificate. With <acronym>EAP-TTLS</acronym>, a client certificate is optional. This method is similar to a web server which creates a secure <acronym>SSL</acronym> tunnel even if visitors do not have client-side certificates. <acronym>EAP-TTLS</acronym> uses an encrypted <acronym>TLS</acronym> tunnel for safe transport of the authentication data. <acronym> EAP-TLS </acronym> ile, hem kimlik doğrulama sunucusunun hem de istemcinin bir sertifikaya ihtiyacı vardır. <acronym> EAP-TTLS </acronym> ile istemci sertifikası isteğe bağlıdır. Bu yöntem, ziyaretçilerin istemci tarafı sertifikaları olmasa bile güvenli bir <acronym> SSL </acronym> tüneli oluşturan bir web sunucusuna benzer. <acronym> EAP-TTLS </acronym>, kimlik doğrulama verilerinin güvenli taşınması için şifreli bir <acronym> TLS </acronym> tüneli kullanır.
The required configuration can be added to <filename>/etc/wpa_supplicant.conf</filename>: Gerekli yapılandırma <filename> /etc/wpa_supplicant.conf </filename> dosyasına eklenebilir:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=TTLS <co xml:id="co-ttls-eap"/>
identity="test" <co xml:id="co-ttls-id"/>
password="test" <co xml:id="co-ttls-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/>
phase2="auth=MD5" <co xml:id="co-ttls-pha2"/>
}
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=TTLS <co xml:id="co-ttls-eap"/>
identity="test" <co xml:id="co-ttls-id"/>
password="test" <co xml:id="co-ttls-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/>
phase2="auth=MD5" <co xml:id="co-ttls-pha2"/>
}
This field specifies the <acronym>EAP</acronym> method for the connection. Bu alan, bağlantı için <acronym> EAP </acronym> yöntemini belirtir.
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym> authentication inside the encrypted <acronym>TLS</acronym> tunnel. <literal> identity </literal> alanı, şifreli <acronym> TLS </acronym> tüneli içinde <acronym> EAP </acronym> kimlik doğrulaması için kimlik dizesini içerir.
The <literal>password</literal> field contains the passphrase for the <acronym>EAP</acronym> authentication. <literal> parola </literal> alanı, <acronym> EAP </acronym> kimlik doğrulamasının parolasını içerir.
This field specifies the authentication method used in the encrypted <acronym>TLS</acronym> tunnel. In this example, <acronym>EAP</acronym> with MD5-Challenge is used. The <quote>inner authentication</quote> phase is often called <quote>phase2</quote>. Bu alan şifreli <acronym> TLS </acronym> tünelinde kullanılan kimlik doğrulama yöntemini belirtir. Bu örnekte, MD5-Challenge ile birlikte <acronym> EAP </acronym> kullanılmaktadır. <quote> iç kimlik doğrulama </quote> aşamasına genellikle <quote> phase2 </quote> adı verilir.
Next, add the following lines to <filename>/etc/rc.conf</filename>: Ardından, <filename> /etc/rc.conf </filename> öğesine aşağıdaki satırları ekleyin:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<acronym>WPA</acronym> with <acronym>EAP-PEAP</acronym> <acronym>WPA</acronym> with <acronym>EAP-PEAP</acronym>
<acronym>PEAPv0/EAP-MSCHAPv2</acronym> is the most common <acronym>PEAP</acronym> method. In this chapter, the term <acronym>PEAP</acronym> is used to refer to that method. <acronym> PEAPv0 / EAP-MSCHAPv2 </acronym> en yaygın <acronym> PEAP </acronym> yöntemidir. Bu bölümde, bu yöntemi ifade etmek için <acronym> PEAP </acronym> terimi kullanılmaktadır.

Loading…

Then, add the following lines to <filename>/etc/rc.conf</filename>:
Ardından, <filename> /etc/rc.conf </filename> öğesine aşağıdaki satırları ekleyin:
4 months ago
Browse all component changes

Glossary

English Turkish (tr_TR)
command line komut satırı FreeBSD Doc
line satır FreeBSD Doc

Source information

Source string comment
(itstool) path: sect5/para
Source string location
book.translate.xml:63591
String age
6 months ago
Source string age
a year ago
Translation file
books/tr_TR/handbook.po, string 10413