Translation

(itstool) path: sect5/para
With <acronym>EAP-TLS</acronym>, both the authentication server and the client need a certificate. With <acronym>EAP-TTLS</acronym>, a client certificate is optional. This method is similar to a web server which creates a secure <acronym>SSL</acronym> tunnel even if visitors do not have client-side certificates. <acronym>EAP-TTLS</acronym> uses an encrypted <acronym>TLS</acronym> tunnel for safe transport of the authentication data.
473/4360
Context English Turkish (tr_TR) State
network={
ssid="freebsdap" <co xml:id="co-tls-ssid"/>
proto=RSN <co xml:id="co-tls-proto"/>
key_mgmt=WPA-EAP <co xml:id="co-tls-kmgmt"/>
eap=TLS <co xml:id="co-tls-eap"/>
identity="loader" <co xml:id="co-tls-id"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-tls-cacert"/>
client_cert="/etc/certs/clientcert.pem" <co xml:id="co-tls-clientcert"/>
private_key="/etc/certs/clientkey.pem" <co xml:id="co-tls-pkey"/>
private_key_passwd="freebsdmallclient" <co xml:id="co-tls-pwd"/>
}
network={
ssid="freebsdap" <co xml:id="co-tls-ssid"/>
proto=RSN <co xml:id="co-tls-proto"/>
key_mgmt=WPA-EAP <co xml:id="co-tls-kmgmt"/>
eap=TLS <co xml:id="co-tls-eap"/>
identity="loader" <co xml:id="co-tls-id"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-tls-cacert"/>
client_cert="/etc/certs/clientcert.pem" <co xml:id="co-tls-clientcert"/>
private_key="/etc/certs/clientkey.pem" <co xml:id="co-tls-pkey"/>
private_key_passwd="freebsdmallclient" <co xml:id="co-tls-pwd"/>
}
This field indicates the network name (<acronym>SSID</acronym>). Bu alan ağ adını gösterir (<acronym> SSID </acronym>).
This example uses the <acronym>RSN</acronym> <trademark class="registered">IEEE</trademark> 802.11i protocol, also known as <acronym>WPA2</acronym>. Bu örnekte, <acronym> WPA2 </acronym> olarak da bilinen <acronym> RSN </acronym> <trademark class = "kayıtlı"> IEEE </trademark> 802.11i protokolü kullanılmaktadır.
The <literal>key_mgmt</literal> line refers to the key management protocol to use. In this example, it is <acronym>WPA</acronym> using <acronym>EAP</acronym> authentication. <literal> key_mgmt </literal> satırı, kullanılacak anahtar yönetimi protokolünü ifade eder. Bu örnekte, <acronym> EAP </acronym> kimlik doğrulaması kullanılarak <acronym> WPA </acronym> kullanılır.
This field indicates the <acronym>EAP</acronym> method for the connection. Bu alan bağlantı için <acronym> EAP </acronym> yöntemini gösterir.
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym>. <literal> kimlik </literal> alanı, <acronym> EAP </acronym> için kimlik dizesini içerir.
The <literal>ca_cert</literal> field indicates the pathname of the <acronym>CA</acronym> certificate file. This file is needed to verify the server certificate. <literal> ca_cert </literal> alanı, <acronym> CA </acronym> sertifika dosyasının yol adını belirtir. Bu dosya, sunucu sertifikasını doğrulamak için gereklidir.
The <literal>client_cert</literal> line gives the pathname to the client certificate file. This certificate is unique to each wireless client of the network. The <literal>client_cert</literal> line gives the pathname to the client certificate file. This certificate is unique to each wireless client of the network.
The <literal>private_key</literal> field is the pathname to the client certificate private key file. The <literal>private_key</literal> field is the pathname to the client certificate private key file.
The <literal>private_key_passwd</literal> field contains the passphrase for the private key. <literal> private_key_passwd </literal> alanı, özel anahtarın parolasını içerir.
Then, add the following lines to <filename>/etc/rc.conf</filename>: Ardından, <filename> /etc/rc.conf </filename> öğesine aşağıdaki satırları ekleyin:
The next step is to bring up the interface: Bir sonraki adım arayüzü açmaktır:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
It is also possible to bring up the interface manually using <citerefentry><refentrytitle>wpa_supplicant</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ifconfig</refentrytitle><manvolnum>8</manvolnum></citerefentry>. Arabirimi <citerefentry><refentrytitle>wpa_supplicant</refentrytitle><manvolnum>8</manvolnum> </citerefentry> ve <citerefentry><refentrytitle>ifconfig</refentry> 8 < </ manvolnum> </ citerefentry>.
<acronym>WPA</acronym> with <acronym>EAP-TTLS</acronym> <acronym>WPA</acronym> with <acronym>EAP-TTLS</acronym>
With <acronym>EAP-TLS</acronym>, both the authentication server and the client need a certificate. With <acronym>EAP-TTLS</acronym>, a client certificate is optional. This method is similar to a web server which creates a secure <acronym>SSL</acronym> tunnel even if visitors do not have client-side certificates. <acronym>EAP-TTLS</acronym> uses an encrypted <acronym>TLS</acronym> tunnel for safe transport of the authentication data. <acronym> EAP-TLS </acronym> ile, hem kimlik doğrulama sunucusunun hem de istemcinin bir sertifikaya ihtiyacı vardır. <acronym> EAP-TTLS </acronym> ile istemci sertifikası isteğe bağlıdır. Bu yöntem, ziyaretçilerin istemci tarafı sertifikaları olmasa bile güvenli bir <acronym> SSL </acronym> tüneli oluşturan bir web sunucusuna benzer. <acronym> EAP-TTLS </acronym>, kimlik doğrulama verilerinin güvenli taşınması için şifreli bir <acronym> TLS </acronym> tüneli kullanır.
The required configuration can be added to <filename>/etc/wpa_supplicant.conf</filename>: Gerekli yapılandırma <filename> /etc/wpa_supplicant.conf </filename> dosyasına eklenebilir:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=TTLS <co xml:id="co-ttls-eap"/>
identity="test" <co xml:id="co-ttls-id"/>
password="test" <co xml:id="co-ttls-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/>
phase2="auth=MD5" <co xml:id="co-ttls-pha2"/>
}
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=TTLS <co xml:id="co-ttls-eap"/>
identity="test" <co xml:id="co-ttls-id"/>
password="test" <co xml:id="co-ttls-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/>
phase2="auth=MD5" <co xml:id="co-ttls-pha2"/>
}
This field specifies the <acronym>EAP</acronym> method for the connection. Bu alan, bağlantı için <acronym> EAP </acronym> yöntemini belirtir.
The <literal>identity</literal> field contains the identity string for <acronym>EAP</acronym> authentication inside the encrypted <acronym>TLS</acronym> tunnel. <literal> identity </literal> alanı, şifreli <acronym> TLS </acronym> tüneli içinde <acronym> EAP </acronym> kimlik doğrulaması için kimlik dizesini içerir.
The <literal>password</literal> field contains the passphrase for the <acronym>EAP</acronym> authentication. <literal> parola </literal> alanı, <acronym> EAP </acronym> kimlik doğrulamasının parolasını içerir.
This field specifies the authentication method used in the encrypted <acronym>TLS</acronym> tunnel. In this example, <acronym>EAP</acronym> with MD5-Challenge is used. The <quote>inner authentication</quote> phase is often called <quote>phase2</quote>. Bu alan şifreli <acronym> TLS </acronym> tünelinde kullanılan kimlik doğrulama yöntemini belirtir. Bu örnekte, MD5-Challenge ile birlikte <acronym> EAP </acronym> kullanılmaktadır. <quote> iç kimlik doğrulama </quote> aşamasına genellikle <quote> phase2 </quote> adı verilir.
Next, add the following lines to <filename>/etc/rc.conf</filename>: Ardından, <filename> /etc/rc.conf </filename> öğesine aşağıdaki satırları ekleyin:
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<prompt>#</prompt> <userinput>service netif start</userinput>
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
ether 00:11:95:d5:43:62
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
wme burst roaming MANUAL
<acronym>WPA</acronym> with <acronym>EAP-PEAP</acronym> <acronym>WPA</acronym> with <acronym>EAP-PEAP</acronym>
<acronym>PEAPv0/EAP-MSCHAPv2</acronym> is the most common <acronym>PEAP</acronym> method. In this chapter, the term <acronym>PEAP</acronym> is used to refer to that method. <acronym> PEAPv0 / EAP-MSCHAPv2 </acronym> en yaygın <acronym> PEAP </acronym> yöntemidir. Bu bölümde, bu yöntemi ifade etmek için <acronym> PEAP </acronym> terimi kullanılmaktadır.
Protected EAP (<acronym>PEAP</acronym>) is designed as an alternative to <acronym>EAP-TTLS</acronym> and is the most used <acronym>EAP</acronym> standard after <acronym>EAP-TLS</acronym>. In a network with mixed operating systems, <acronym>PEAP</acronym> should be the most supported standard after <acronym>EAP-TLS</acronym>. Korumalı EAP (<acronym> PEAP </acronym>), <acronym> EAP-TTLS </acronym> 'e alternatif olarak tasarlanmıştır ve <acronym> EAP-TLS < / kısaltması>. Karışık işletim sistemlerine sahip bir ağda, <acronym> PEAP </acronym>, <acronym> EAP-TLS </acronym> 'dan sonra en çok desteklenen standart olmalıdır.
<acronym>PEAP</acronym> is similar to <acronym>EAP-TTLS</acronym> as it uses a server-side certificate to authenticate clients by creating an encrypted <acronym>TLS</acronym> tunnel between the client and the authentication server, which protects the ensuing exchange of authentication information. <acronym>PEAP</acronym> authentication differs from <acronym>EAP-TTLS</acronym> as it broadcasts the username in the clear and only the password is sent in the encrypted <acronym>TLS</acronym> tunnel. <acronym>EAP-TTLS</acronym> will use the <acronym>TLS</acronym> tunnel for both the username and password. <acronym> PEAP </acronym>, istemci ile istemci arasında şifreli bir <acronym> TLS </acronym> tüneli oluşturarak istemcilerin kimliğini doğrulamak için sunucu tarafı bir sertifika kullandığından <acronym> EAP-TTLS </acronym> 'e benzer. sonraki kimlik doğrulama bilgilerinin değişimini koruyan kimlik doğrulama sunucusu. <acronym> PEAP </acronym> kimlik doğrulaması, <acronym> EAP-TTLS </acronym> 'den farklıdır, çünkü kullanıcı adını net olarak yayınlar ve şifrelenmiş <acronym> TLS </acronym> tünelinde sadece şifre gönderilir. <acronym> EAP-TTLS </acronym>, hem kullanıcı adı hem de şifre için <acronym> TLS </acronym> tünelini kullanacaktır.
Add the following lines to <filename>/etc/wpa_supplicant.conf</filename> to configure the <acronym>EAP-PEAP</acronym> related settings: <acronym> EAP-PEAP </acronym> ile ilgili ayarları yapılandırmak için <filename> /etc/wpa_supplicant.conf </filename> öğesine aşağıdaki satırları ekleyin:
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=PEAP <co xml:id="co-peap-eap"/>
identity="test" <co xml:id="co-peap-id"/>
password="test" <co xml:id="co-peap-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-peap-cacert"/>
phase1="peaplabel=0" <co xml:id="co-peap-pha1"/>
phase2="auth=MSCHAPV2" <co xml:id="co-peap-pha2"/>
}
network={
ssid="freebsdap"
proto=RSN
key_mgmt=WPA-EAP
eap=PEAP <co xml:id="co-peap-eap"/>
identity="test" <co xml:id="co-peap-id"/>
password="test" <co xml:id="co-peap-passwd"/>
ca_cert="/etc/certs/cacert.pem" <co xml:id="co-peap-cacert"/>
phase1="peaplabel=0" <co xml:id="co-peap-pha1"/>
phase2="auth=MSCHAPV2" <co xml:id="co-peap-pha2"/>
}
This field contains the parameters for the first phase of authentication, the <acronym>TLS</acronym> tunnel. According to the authentication server used, specify a specific label for authentication. Most of the time, the label will be <quote>client <acronym>EAP</acronym> encryption</quote> which is set by using <literal>peaplabel=0</literal>. More information can be found in <citerefentry><refentrytitle>wpa_supplicant.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Bu alan, kimlik doğrulamanın ilk aşaması olan <acronym> TLS </acronym> tüneli için parametreleri içerir. Kullanılan kimlik doğrulama sunucusuna göre, kimlik doğrulama için belirli bir etiket belirtin. Çoğu zaman etiket, <literal> peaplabel = 0 </literal> kullanılarak ayarlanan <quote> istemci <acronym> EAP </acronym> şifreleme </quote> olur. Daha fazla bilgi <citerefentry><refentrytitle>wpa_supplicant.conf</refentrytitle><manvolnum>5</manvolnum> </citerefentry> 'de bulunabilir.

Loading…

With <acronym>EAP-TLS</acronym>, both the authentication server and the client need a certificate. With <acronym>EAP-TTLS</acronym>, a client certificate is optional. This method is similar to a web server which creates a secure <acronym>SSL</acronym> tunnel even if visitors do not have client-side certificates. <acronym>EAP-TTLS</acronym> uses an encrypted <acronym>TLS</acronym> tunnel for safe transport of the authentication data.
<acronym> EAP-TLS </acronym> ile, hem kimlik doğrulama sunucusunun hem de istemcinin bir sertifikaya ihtiyacı vardır. <acronym> EAP-TTLS </acronym> ile istemci sertifikası isteğe bağlıdır. Bu yöntem, ziyaretçilerin istemci tarafı sertifikaları olmasa bile güvenli bir <acronym> SSL </acronym> tüneli oluşturan bir web sunucusuna benzer. <acronym> EAP-TTLS </acronym>, kimlik doğrulama verilerinin güvenli taşınması için şifreli bir <acronym> TLS </acronym> tüneli kullanır.
4 months ago
Browse all component changes

Glossary

English Turkish (tr_TR)
authentication kimlik denetimi FreeBSD Doc
authentication kimlik denetmele,doğrulama FreeBSD Doc
client istemci FreeBSD Doc
client istemci FreeBSD Doc
data veri FreeBSD Doc
data loss veri kaybı FreeBSD Doc
encrypt şifrelemek FreeBSD Doc
encrypted şifreli,şifrelenmiş FreeBSD Doc
meta data meta veri FreeBSD Doc
name server ad sunucusu FreeBSD Doc
server sunucu FreeBSD Doc
super server hizmet dağıtıcı FreeBSD Doc
tunnel geçit,tünel FreeBSD Doc
web browser web tarayıcısı,ağ tarayıcısı FreeBSD Doc
web page web sayfası FreeBSD Doc

Source information

Source string comment
(itstool) path: sect5/para
Source string location
book.translate.xml:63625
String age
6 months ago
Source string age
a year ago
Translation file
books/tr_TR/handbook.po, string 10418