[daily][netctl] netctl有线网络连接使用802.1x进行验证上网

由于企业安全管理要求,需要验证上网。验证方式是账号密码+802.1x

目前先调研了一下方案,还没有实施,大概调研结果如下:

先参考:https://jlk.fjfi.cvut.cz/arch/manpages/man/netctl.profile.5

以及:https://wiki.archlinux.org/index.php/WPA_supplicant#Advanced_usage

https://jlk.fjfi.cvut.cz/arch/manpages/man/wpa_supplicant.conf.5

netctl的关键选项:

Next to the ip options, the following are understood for connections of the ‘ethernet’ type:
Auth8021X=
Set to ‘yes’ to use .1x authentication.
WPAConfigFile=
Path to a wpa_supplicant configuration file. Defaults to /etc/wpa_supplicant.conf.
WPADriver=
The wpa_supplicant driver to use for .1x authentication. Defaults to ‘wired’.

wpa的关键选项:

/etc/wpa_supplicant/wpa_supplicant-wired-adapter.conf

ctrl_interface=/var/run/wpa_supplicant
ap_scan=
network={
key_mgmt=IEEE8021X
eap=PEAP
identity="user_name"
password="user_password"
phase2="autheap=MSCHAPV2"
}

测试一下,好使了,如图:

[daily][netctl] netctl有线网络连接使用802.1x进行验证上网

如果同样的配置换成无线网卡呢?

只需要调整wpa_supplicant.conf即可

[root@T7 netctl]# cat /etc/wpa_supplicant.conf
ctrl_interface=DIR=/var/run/wpa_supplicant
network={
ssid="XX"
key_mgmt=WPA-EAP
eap=PEAP
identity="cxxxxxx"
password="Cxxxxx"
phase2="autheap=MSCHAPV2"
}

见:man wpa_supplicant.conf 中的配置例子二。

上一篇:SSH 远程登陆


下一篇:android——ListView功能的实现