|
Hello all, I am designing a WiFi secure access solution at work based
on 802.1x protocol. Because of the security requirements, I can use only
two-factor authentication or one time passwords (OTP). After research and some pilots, I have an infrastructure
capable of doing PEAP-MSCHAPv2, PEAP-TLS and EAP-TLS authentication protocols. Currently I am trying to gather information about the level
of usability of 802.1x Linux supplicants and SmartCard device support. Any real life experience about the things listed below is
greatly appreciated: -
802.1x supplicants
capable of doing one of: PEAP-TLS, PEAP-MSCHAPv2, EAP-TLS -
OTP hardware device
support (this is not a must as those can work as stand-alone, but could be nice
to copy&paste the OTP) -
SmartCard support –
as our security policy restricts storing digital certificates used for VPN
access on the hard drive, it has to be on one of those e-Token, ActiveCard,
SmartCard gadgets… Any pointers to Linux supported devices are more than
welcome. TIA, Guy |
