This is a very hacky radius implementation (please use for testing only). You can test the loginflow with eapol_test from wpa_supplicant package. Also required: ruby/openssl#530

In one terminal:

openssl req -nodes -x509 -newkey rsa:4096 -sha256 -subj '/CN=localhost/' -days 99999 -keyout server.key -out server.crt
ruby radius-eap-ttls-server.rb

In another terminal:

cat > radius-test.config <<EOF
network={
        eap=TTLS
        phase2="auth=PAP"
        identity="user"
        password="password"
}
EOF
eapol_test -c radius-test.config -s radsec -r 0

You should see SUCCESS at the end of terminal2 and ! killing connection, done in terminal1

By admin

Leave a Reply

Your email address will not be published.