Porteus

Hi,

I'm introducing 802.1x and the time has now come to Porteus Kiosk.
I have made a new installation with 4.7.0 and entered username and password.

But it seems that porteus is very limited in terms of EAP methods.
As far as i have figured out it only support EAP-TTLS/PAP. Can someone verify that or correct me?

Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?

Br,
Thomas

Hi Thomas,

"As far as i have figured out it only support EAP-TTLS/PAP. Can someone verify that or correct me?"
Correct

"Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?"
As far as i know this method requires certificate to work? If yes the it will be more complicated to get it working properly as cert may expire and without network access you wont be able to update it easily.
The only way would be to load a new cert from the usb stick (which means that custom build would be required).

fanthom wrote: ↑

17 Jan 2019, 15:08

"Is there a way to make it use EAP-PEAP / EAP-MSCHAPv2?"
As far as i know this method requires certificate to work? If yes the it will be more complicated to get it working properly as cert may expire and without network access you wont be able to update it easily.
The only way would be to load a new cert from the usb stick (which means that custom build would be required).

Yes, and no.
If set up correct, a host name and a CA should be defined. Then you can update radius cert as you see fit as long as the CA and host name is the same.

I believe Porteus base is centos. If I can make 802.1x work on a standard centos, is it possible to alter the iso?

Br
Thomas

I'm sorry but i dont understand the concept (I thought when cert is not available or expires then network connection cant be established?)

Anyway - feel free to customize the ISO and make it working the way you want:
https://porteus-kiosk.org/kiosk-customization.html

Thanks