FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 04-02-2008, 08:28 PM
Martin Sourada
 
Default NetworkManager + 802.1x wired?

On Wed, 2008-04-02 at 15:09 -0500, Jeffrey Ollie wrote:
> On Wed, Apr 2, 2008 at 2:53 PM, Harald Hoyer <harald@redhat.com> wrote:
> > Bill Nottingham wrote:
> > >
> > > > correct… seems to be started by NM / dbus according to the bootchart…
> > > >
> > >
> > > This *should* be in the background and not actually be delaying the boot.
> >
> > The point is: Why is it started anyway? I have *no* wireless! No need to
> > eat disk/CPU resources (which *is* delaying the boot).
>
> Authentication isn't just for wireless anymore... Many network
> switches can be configured to require 802.1x authentication from a
> system before allowing access to the network. I'll be looking into
> enabling 802.1x authentication here at work this summer. This is a
> case of having things "just work" - having the world's fastest boot
> time shouldn't be the ultimate goal here.
>
> Jeff
>

Speaking of which... Is there a way to configure NetworkManager to
authenticate to 802.1x wired network? Not that I mind running ifconfig,
xsupplicant, dhclient by hand but nm could simplify a life a lot

Martin
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-03-2008, 01:33 AM
Dan Williams
 
Default NetworkManager + 802.1x wired?

On Wed, 2008-04-02 at 22:28 +0200, Martin Sourada wrote:
> On Wed, 2008-04-02 at 15:09 -0500, Jeffrey Ollie wrote:
> > On Wed, Apr 2, 2008 at 2:53 PM, Harald Hoyer <harald@redhat.com> wrote:
> > > Bill Nottingham wrote:
> > > >
> > > > > correct… seems to be started by NM / dbus according to the bootchart…
> > > > >
> > > >
> > > > This *should* be in the background and not actually be delaying the boot.
> > >
> > > The point is: Why is it started anyway? I have *no* wireless! No need to
> > > eat disk/CPU resources (which *is* delaying the boot).
> >
> > Authentication isn't just for wireless anymore... Many network
> > switches can be configured to require 802.1x authentication from a
> > system before allowing access to the network. I'll be looking into
> > enabling 802.1x authentication here at work this summer. This is a
> > case of having things "just work" - having the world's fastest boot
> > time shouldn't be the ultimate goal here.
> >
> > Jeff
> >
>
> Speaking of which... Is there a way to configure NetworkManager to
> authenticate to 802.1x wired network? Not that I mind running ifconfig,
> xsupplicant, dhclient by hand but nm could simplify a life a lot

There's support for it, yes, but not via the UI (yet). If the correct
bits get populated in GConf, then it should work. I can send details on
how to do that if you'd like.

Dan


--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-04-2008, 01:09 PM
Martin Sourada
 
Default NetworkManager + 802.1x wired?

On Wed, 2008-04-02 at 21:33 -0400, Dan Williams wrote:
> There's support for it, yes, but not via the UI (yet). If the correct
> bits get populated in GConf, then it should work. I can send details on
> how to do that if you'd like.
>
> Dan

Yeah, I'd like. To outline my situation:

* at home I have wireless connection with WEP key authentication works
perfect with rawhide, nm even remembers that it should connect to the AP
I use rather than trying another (which was the case in F8)

* at dorm I have wired connection and the script I made for the
connection has to do these steps:

1. stop NetworkManager service
2. turn on eth0 interface (via ifconfig eth0 up)
3. after short wait start xsupplicant
- it uses eap-ttls certification and pap authentication
4. start dhclient

I don't know if I am able to use wpa_supplicant instead of xsupplicant
as the last time I tried it (FC6 days) I wasn't able to successfully
authenticate.

Thanks,
Martin

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-04-2008, 06:47 PM
Dan Williams
 
Default NetworkManager + 802.1x wired?

On Fri, 2008-04-04 at 15:09 +0200, Martin Sourada wrote:
> On Wed, 2008-04-02 at 21:33 -0400, Dan Williams wrote:
> > There's support for it, yes, but not via the UI (yet). If the correct
> > bits get populated in GConf, then it should work. I can send details on
> > how to do that if you'd like.
> >
> > Dan
>
> Yeah, I'd like. To outline my situation:
>
> * at home I have wireless connection with WEP key authentication works
> perfect with rawhide, nm even remembers that it should connect to the AP
> I use rather than trying another (which was the case in F8)
>
> * at dorm I have wired connection and the script I made for the
> connection has to do these steps:
>
> 1. stop NetworkManager service
> 2. turn on eth0 interface (via ifconfig eth0 up)
> 3. after short wait start xsupplicant
> - it uses eap-ttls certification and pap authentication
> 4. start dhclient
>
> I don't know if I am able to use wpa_supplicant instead of xsupplicant
> as the last time I tried it (FC6 days) I wasn't able to successfully
> authenticate.

Can you give wpa_supplicant a shot again to make sure it will work
first? Make sure you set "ap_scan=0" in the global section (ie, at the
top and not in a 'network' block).

Thanks,
Dan

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-21-2008, 03:38 PM
Martin Sourada
 
Default NetworkManager + 802.1x wired?

On Fri, 2008-04-04 at 14:47 -0400, Dan Williams wrote:
> Can you give wpa_supplicant a shot again to make sure it will work
> first? Make sure you set "ap_scan=0" in the global section (ie, at the
> top and not in a 'network' block).
>
> Thanks,
> Dan
>
OK,

Seems I've managed to get it working with wpa_supplicant as well. The
script I use for wpa_supplicant handled connection looks like this:

#!/bin/bash
service NetworkManager stop
ifconfig eth0 up
sleep 8
wpa_supplicant -ieth0 -Dwired -c/home/martin/.private/KolejNET/wpa.conf
-B
dhclient eth0
killall -9 hald-addon-input

The sleep 8 is there because in past I was having problems with
xsupplicant trying to run before eth0 was already up, so I left it
there, just in case... The killall -9 hald-addon-input is there because
I noticed that during some of that steps (probably stopping nm) cpu load
goes to 100 % and stays there until I kill that daemon...

So, what is the way now to get it working with nm?

Thanks,
Martin
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-21-2008, 04:40 PM
Dan Williams
 
Default NetworkManager + 802.1x wired?

On Mon, 2008-04-21 at 17:38 +0200, Martin Sourada wrote:
> On Fri, 2008-04-04 at 14:47 -0400, Dan Williams wrote:
> > Can you give wpa_supplicant a shot again to make sure it will work
> > first? Make sure you set "ap_scan=0" in the global section (ie, at the
> > top and not in a 'network' block).
> >
> > Thanks,
> > Dan
> >
> OK,
>
> Seems I've managed to get it working with wpa_supplicant as well. The
> script I use for wpa_supplicant handled connection looks like this:
>
> #!/bin/bash
> service NetworkManager stop
> ifconfig eth0 up
> sleep 8
> wpa_supplicant -ieth0 -Dwired -c/home/martin/.private/KolejNET/wpa.conf
> -B
> dhclient eth0
> killall -9 hald-addon-input
>
> The sleep 8 is there because in past I was having problems with
> xsupplicant trying to run before eth0 was already up, so I left it
> there, just in case... The killall -9 hald-addon-input is there because
> I noticed that during some of that steps (probably stopping nm) cpu load
> goes to 100 % and stays there until I kill that daemon...
>
> So, what is the way now to get it working with nm?

1) Right-click on the applet, choose "Edit connections..."; or
run /usr/bin/nm-connection-editor

2) Select the "Wired" tab

3) Click "Add"

4) Select the "802.1x Security" tab

5) Check the "Use 802.1x security for this connection" box

6) Choose your phase1 authentication (TLS, TTLS, PEAP)

7) Fill in the rest of the options

8) Hit OK

9) Plug the cable in

10) choose "Wired connection 1" from applet menu

I just got an 802.1x capable switch last week so if something goes
wrong, please send /var/log/messages and I'll poke around and try to
debug.

Thanks!
Dan


--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-21-2008, 04:47 PM
Dan Williams
 
Default NetworkManager + 802.1x wired?

On Mon, 2008-04-21 at 17:38 +0200, Martin Sourada wrote:
> On Fri, 2008-04-04 at 14:47 -0400, Dan Williams wrote:
> > Can you give wpa_supplicant a shot again to make sure it will work
> > first? Make sure you set "ap_scan=0" in the global section (ie, at the
> > top and not in a 'network' block).
> >
> > Thanks,
> > Dan
> >
> OK,
>
> Seems I've managed to get it working with wpa_supplicant as well. The
> script I use for wpa_supplicant handled connection looks like this:
>
> #!/bin/bash
> service NetworkManager stop
> ifconfig eth0 up
> sleep 8
> wpa_supplicant -ieth0 -Dwired -c/home/martin/.private/KolejNET/wpa.conf
> -B
> dhclient eth0
> killall -9 hald-addon-input

The hald-addon-input bug got fixed upstream so should be trickling down
to rawhide at some point soon.

Dan


--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 04-21-2008, 05:39 PM
Martin Sourada
 
Default NetworkManager + 802.1x wired?

On Mon, 2008-04-21 at 12:40 -0400, Dan Williams wrote:
> On Mon, 2008-04-21 at 17:38 +0200, Martin Sourada wrote:
> 1) Right-click on the applet, choose "Edit connections..."; or
> run /usr/bin/nm-connection-editor
>
> 2) Select the "Wired" tab
>
> 3) Click "Add"
>
> 4) Select the "802.1x Security" tab
>
> 5) Check the "Use 802.1x security for this connection" box
>
> 6) Choose your phase1 authentication (TLS, TTLS, PEAP)
>
> 7) Fill in the rest of the options
>
> 8) Hit OK
>
> 9) Plug the cable in
>
> 10) choose "Wired connection 1" from applet menu
>
> I just got an 802.1x capable switch last week so if something goes
> wrong, please send /var/log/messages and I'll poke around and try to
> debug.
>
> Thanks!
> Dan
>
Thanks,
so far it seems it works

Thanks again!
Martin
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 

Thread Tools




All times are GMT. The time now is 10:42 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org