Thursday, November 5, 2009

UMD Secure Wireless with Ubuntu

On the University of Maryland campus, staff and students have access to (at least) two campus-run wireless networks: umd and umd-secure. Predictably, the umd SSID is completely unencrypted, while umd-secure sends data using WPA2 technology. If you are on umd, anyone with (widely available) wireless snooping tools installed can observe, or "sniff," your data. This is bad!

The University of Maryland provides Windows- and Mac-based instructions on how to connect to the secure umd-secure SSID (link). However, their site neglects a third popular player in the campus OS battle: Ubuntu.

If you would like to connect to umd-secure using Ubuntu, use the following settings:

Security: WPA & WPA2 Enterprise
Authentication: Tunneled TLS
Anonymous identity: anonymous
CA certificate: see below
Inner authentication: PAP
Username: (Your Directory ID)
Password: (Your Directory Password)

To select the CA Certificate, open the "Choose a Certificate Authority certificate..." dialog box. Navigate to /etc/ssl/certs. Select Thawte_Premium_Server_CA.pem. Press "Open."

If you are using an older version of Ubuntu, you may need to download the Thawte certificate from their site.

That's all there is to it! If you'd like more information about what's going on, check out the following Wikipedia pages:

WPA/WPA2 (link)
Public-key Cryptography (link)
CA, or Certificate Authority (link)

This post written from umd-secure on Ubuntu.

Labels: , , ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home