2,306
edits
Changes
Jump to navigation
Jump to search
mLine 22:
Line 22: − + − + + + − + − + − + − + − <source lang=bash>#!/bin/bash+ Line 229:
Line 231: + + + + + + + + + + + + + + + + + + + + + + + + + +
Network Interface Authentication (wpa-suplicant) (edit)
Revision as of 11:50, 18 November 2019
, 11:50, 18 November 2019no edit summary
private_key_passwd="1234567890"
private_key_passwd="1234567890"
}
}
== Deploy certificates ==
==Deploy certificates==
* Edit /etc/ssl/openssl.cnf
*Edit /etc/ssl/openssl.cnf
<nowiki>...
<nowiki>...
nsCertType = client
nsCertType = client
...</nowiki>
...</nowiki>
== If wpa supplicant does not start try to start it manualy ==
==If wpa supplicant does not start try to start it manualy==
Check by listening with wireshar & filter by: eapol
Check by listening with wireshar & filter by: eapol
/sbin/wpa_supplicant -s -B -P /run/wpa_supplicant.eth0.pid -i eth0 -D wired -c /etc/wpa_supplicant.conf
/sbin/wpa_supplicant -s -B -P /run/wpa_supplicant.eth0.pid -i eth0 -D wired -c /etc/wpa_supplicant.conf
== Script ==
==Script==
<source lang="bash">#!/bin/bash
#Made with love, 4u
#Made with love, 4u
echo "Configurador cliente NAC para linux Debian based"
echo "Configurador cliente NAC para linux Debian based"
;;
;;
esac</source>
esac</source>
=== Certs From .pfx ===
<syntaxhighlight lang="bash">
HOSTNAME=$1
pfx=$1.pfx
crea_claves () {
echo ""
echo "Exportando la CA"
openssl pkcs12 -in ${pfx} -out ${HOSTNAME}_cacert.pem -cacerts -nokeys
echo ""
echo "Exportando el certificado de cliente"
openssl pkcs12 -in ${pfx} -out ${HOSTNAME}_cert.pem -clcerts -nokeys
echo ""
echo "Exportando la clave privada (necesita contraseña)"
openssl pkcs12 -in ${pfx} -out ${HOSTNAME}_key.pem -nocerts
echo "Claves creadas!! Acuerdate de la pass!!!"
ls *.pem
}
crea_claves
</syntaxhighlight>