Open main menu

Linux and Unix Users Group at Virginia Teck Wiki β

Changes

Virginia Tech Wifi

949 bytes added, 20:13, 2 February 2015
no edit summary
<font color="red">Warning: Use of '''PEAP-MSCHAPv2 ''' is a wireless authentication scheme used by Virginia Tech as an alternative to [[EAP-TLS]] for connections to connect [[VT-Wireless]]. ==Connection information=====eduroam===The following settings are recommended for connecting to the Eduroam network: SSID: eduroamEAP: PEAPPhase 2: MSCHAPv2Identity: pid@vt.edu (So if your PID was "hokiebird", hokiebird@vt.edu)Anonymous Identity: anonymous@vt.eduPassword: [https://www.computing.vt.edu/kb/entry/3765 Your Network Password] ====RADIUS certificates====The certificate verification methods vary greatly between different network managers, but the certificate currently in use for the Virginia Tech network RADIUS servers is strongly discouraged by available from the Linux [https://ash.eprov.seti.vt.edu/EJBCAWebRequest/certSearch?cmd=search&keyword=VT-Wireless PKI Certificate Search site] and Unix Users Group due to attacks that can allow all traffic to be decrypted with a 100% success ratethe certificate chain is the (Obsolete) [https://secure.hosting.vt.edu/www.pki.vt.<edu/font>developer/rootca.html#globalserver Virginia Tech Global Server CA] chain.
'''==A word of caution on MSCHAPv2==Warning: Use of PEAP-MSCHAPv2''' to connect to the Virginia Tech network is a wireless authentication scheme used strongly discouraged by Virginia Tech as an alternative the Linux and Unix Users Group due to [[EAP-TLS]] for connections attacks that can allow all traffic to [[be decrypted with a 100% success rate. Unfortunately, VT-Wireless]]has deprecated its use so users will soon lose the choice to use certificates.
At DefCon 20 in July 2012, an attack was announced for MSCHAPv2 that allows the protocol to be cracked quickly with a 100% success rate.<ref>[https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/]</ref> '''Use of MSCHAPv2 is strongly discouraged.'''
 
==Set your remote access (network) passphrase==
Anonymous user