Zeroshell workshop
|
On the Client
You now need to configure all workstations on the network to use the RADIUS server. To do this, copy the certificate originally found on the Zeroshell machine to each client. Then, open the network manager on the computer and change the security setting from WPA & WPA2 Personal to WPA & WPA2 Enterprise .
In this example, I selected the Tunneled TLS option for Legitimacy to establish a connection through the EAP-TLS standard. In the CA certificate field, enter the certificate stored on the hard disk as originally generated by Zeroshell. With Debian and its derivatives, you can simply do a search in the data manager; on Mageia/Mandriva-based systems, you need to specify the entire search path.
Finally, enter the username and password stored on the RADIUS to get user legitimacy. Saving the settings completes the configuration (Figure 4). You can now easily register yourself on the net, where the entire communication is encrypted and digitally signed. A break-in by unauthorized third parties into the WLAN by capturing and decrypting the traffic is excluded in this environment. (Also see the "Accounting" box.)
Accounting
A further service that the RADIUS server provides in your WLAN is accounting. You can create user and class-specific accounts that are used for billing and restricting Internet access. Zeroshell not only provides volume and time-based billing models but also lets you set limits for data, time, and bandwidth.
You can get to the accounting settings by clicking Accounting on the left of the options window. Then, switch on accounting at the right of the window and define an accounting model with Accounting Classes | Add . These accounting classes will show up on the right as a list, and you may possibly need to activate the class depending the model used. In the area on the left, you also see a list of registered users. You call up their detailed accounts and accounting data by double-clicking each username.
Figure 4: A few settings on the client are necessary.
Conclusion
With Zeroshell, you can protect your wireless LAN professionally against unwanted eavesdroppers and intruders. Zeroshell greatly reduces the configuration effort for conventional distributions in that it collects all necessary setting dialogs and controls in an easy-to-use interface. l
Infos
- Zeroshell: http://www.zeroshell.org/
« Previous 1 2 3 Next »
Buy this article as PDF
Pages: 3
(incl. VAT)
Buy Ubuntu User
US / Canada
UK / Australia
Related content
-
User accounts with OpenLDAP's central administration
If you have multiple users logging into different computers or applications, the LDAP directory service can accommodate your needs
-
Encrypting email with GnuPG
US intelligence agencies tap into billions of call data and electronic messages monthly – reason enough to consider encrypting your email traffic.
-
Perfect setup and installation of ownCloud 9
ownCloud makes it possible to operate a private cloud on an intranet of almost any size. All you need is a standard LAMP environment, which comes with almost every Linux server.
-
Installing and testing Nextcloud
Leading ownCloud developers, including the project founder Frank Karlitschek, became dissatisfied with the direction of the project, so they started Nextcloud, a fork of the code and a new company. The goal is to create a better balance among the company, clients, and users. We take a look at how Nextcloud is faring.
-
Zentyal Server 3.5
Some users may struggle when setting up various services, such as web servers, email servers, firewalls, and the like. Zentyal simplifies configuration of all those things, thanks to its intuitive user interface.