[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: 802.11 Shared Key Authentication is bad [was NetworkManager Issues]



On Fri, 5 Nov 2004, Charles R. Anderson wrote:
On Fri, Nov 05, 2004 at 11:30:26AM -0500, Dan Williams wrote:
On Fri, 2004-11-05 at 11:08 -0500, Charles R. Anderson wrote:
On Fri, Nov 05, 2004 at 05:02:40PM +0100, Ziga Mahkovec wrote:
As for the ipw2100 driver -- versions 0.57+ now actually default to
OPEN.  But NM overrides this so no harm done.  It does make life harder
if you're using ifup scripts with shared key authentication though.  I
had to patch ifup-wireless to force restricted mode.

Shared Key auth is worse than no authentication/encryption at all. Anyone with a clue will be using Open System. I don't think we should put too much effort into making Shared Key easy to use.

Charles,


Why is it so much worse?

By doing Shared Key Authentication, you are providing potential crackers with both the Plaintext and the Ciphertext for the same data. This makes is much much easier for a third party to basically figure out what the WEP key is.
[...]

That said, are there plans for fedora to support 802.11x? Plus different EAP variants, most importantly EAP-TLS?

There are open source packages out there... and it would be nice if Linux could do this off-the-box such as Windows has been doing for a long time now..

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]