[opensource] Trying for OSU wireless on Ubuntu 10.04 netbook

Brian Swaney swaneybr at opensource.osu.edu
Mon May 17 19:46:10 EDT 2010


For added security, you should set the CA certificate field to 
/etc/ssl/certs/Equifax_Secure_CA.pem or you'll be subject to a 
man-in-the-middle attack. It's still possible to MITM with that cert, 
but harder. Ubuntu 10.04 seems to have it installed by default, but if 
you don't have the certificate you can download a copy from 
https://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer 
and copy it into /etc/ssl/certs or wherever. Wireless internet will work 
without that setting, but it might warn you every so often about 
selecting a CA certificate, and with that setting it is less likely to 
connect to a rogue access point.

Also, in some places you may need the PEAP version set to "0" or it 
won't work. I don't know why it works in some places but not others 
without that, but that's my personal experience.

Other than that, the settings look good to me.

--
Brian Swaney
Open Source Club at
Ohio State University
Website Administrator



More information about the Opensource mailing list