On Thu, 28 May 2020 07:29:30 -0400 Gene Heskett <ghesk...@shentel.net> wrote:
> > > > If one of your machines is always on, and your router can do it > > (most can), you could try RADIUS... > > They are up 24/7. tell me more plz. The comment was a bit light-hearted, RADIUS can be a beast. Debian makes it relatively easy, unless you want to use an authentication method not enabled by default, as I did. I did get it running on my server some years ago (about 10-15) after several days work. It didn't help that the (Cisco!) router I was using had a serious configuration bug in the RADIUS section, which took me a day or two to discover. It was a proof of concept, really, and something extra to put on my CV. There are various authentication methods, I picked EAP-TLS, which requires certificates signed by a local certificate authority (you *don't* want to link this to the public infrastructure) on client computers. Guaranteed neighbour-proof, but could be a lot of work, and no good for visitors. But I had a separate wifi channel for visitors, only enabled when necessary. https://wiki.freeradius.org/guide/Getting-Started -- Joe