Re: 802.1X authenticator for FreeBSD

[Peter Ankerstål]

> On 18 Oct 2017, at 21:39, Charles Sprickman  wrote:
> 
> 
>> On Oct 18, 2017, at 1:10 PM, Peter Ankerstål  wrote:
>> 
>>> 
>>> I’m under the impression that the authenticator function in a wired network 
>>> is usually part of the switch, and the switch will talk to some 
>>> authentication server like RADIUS, giving it the port number of the 
>>> connected device and additional information.
>>> 
>>> If FreeBSD had such a function, I think it would be limited to 
>>> point-to-point Ethernet links, 802.1x being a link-layer protocol.
>>> 
>> 
>> Yes I know, but this is functional in hostapd for Linux and it would be nice 
>> to have it in FreeBSD as well. 
> 
> I’m not seeing this in FreeBSD, but pfsense does claim to support 802.1x for 
> wifi.
> 
> I just happen to be reading about radius (last I used it was for dialup) for 
> wifi auth and the quick overview on the radius side of things is that the AP 
> software sends your auth info as well as MAC and a bunch of other stuff, and 
> the radius server (much like dialup) sends back all sorts of info beyond auth 
> success/fail - session timeout, info on what VLAN the client may be on, 
> firewall policies, etc. Pretty cool stuff.

802.1X (or WPA2 Enterprise) works fine with hostapd for wireless in FreeBSD. 
Well, the authentication at least. I havent tried assigning clients to specific 
vlans and so on but according to the documentation it is possible.

smime.p7s
Description: S/MIME cryptographic signature

Re: error instaling any ports

[Denis Granato]

Ok its worked
Entered in single mode
Make installworld
Mergemaster -UiP
 now server is alive in 9.3

Tomorrow I check the ports

On Oct 19, 2017 5:36 PM, "Kurt Jaeger"  wrote:

> Hi!
>
> > ok, I will try this, becausa I did everthing, then I reboot, like this
> steps
> >
> > svn checkout https://svn.freebsd.org/base/release/9.3.0/ .
> > make buildworld
> > make buildkernel
> > make installkernel
> > make installworld
> >
> > mergemaster -UiP
> > shutdown -r now
>
> Yes, this works for small upgrades, most of the time. Sometimes
> it fails.
>
> I was lazy when I listed it that way.
>
> The reboot should have been between installkernel and installworld.
>
> --
> p...@opsec.eu+49 171 3101372 3 years to
> go !
>
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Kurt Jaeger]

Hi!

> ok, I will try this, becausa I did everthing, then I reboot, like this steps
> 
> svn checkout https://svn.freebsd.org/base/release/9.3.0/ .
> make buildworld
> make buildkernel
> make installkernel
> make installworld
> 
> mergemaster -UiP
> shutdown -r now

Yes, this works for small upgrades, most of the time. Sometimes
it fails.

I was lazy when I listed it that way.

The reboot should have been between installkernel and installworld.

-- 
p...@opsec.eu+49 171 3101372 3 years to go !
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Denis Granato]

Good afternoon Kurt and everyone

I follow the steps (that Kurt sent with his help)
After the mergemaster -UiP
the server stop at boot, after this point (see pictures attached)



On Tue, Oct 17, 2017 at 5:11 PM, Kurt Jaeger  wrote:

> Hi!
>
> > > uname -a
> [...]
> > > *server# uname -aFreeBSD server.avgroup.loc 9.1-PRERELEASE FreeBSD
>
> So you have a PRERELEASE version and you have a custom kernel.
>
> Do you know why that is ? Any specific change that needs to
> be in that kernel config ?
>
> Please check if you have a 'svn' binary somewhere, because it looks
> like you need to do a source upgrade first.
>
> rm -rf /usr/obj /usr/src
> mkdir /usr/src
> cd /usr/src
> svn checkout https://svn.freebsd.org/base/release/9.3.0/ .
> make buildworld
> make buildkernel
> make installkernel
> make installworld
> mergemaster -UiP
> shutdown -r now
> cd /usr/src
> make check-old
> make delete-old
> make delete-old-libs
>
> > *server# freebsd-update -r 9.3-RELEASE upgradeLooking up
> update.freebsd.org
> >  mirrors... 3 mirrors found.Fetching public
> key
> > from update6.freebsd.org... failed.Fetching public key from
> > update5.freebsd.org... failed.Fetching public key from
> > update4.freebsd.org... failed.No mirrors remaining, giving up*
>
> Well, freebsd-update only works on GENERIC kernels and systems, so
> your first step needs to be a source upgrade.
>
> Please note: Your binaries from 9.1-PRE will work on 9.3, and probably on
> 10.x, so no need to worry about the packages installed for now.
>
> You can rebuild your ports when you're on 10.x.
>
> --
> p...@opsec.eu+49 171 3101372 3 years to
> go !
>
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Denis Granato]

ok, I will try this, becausa I did everthing, then I reboot, like this steps

svn checkout https://svn.freebsd.org/base/release/9.3.0/ .
make buildworld
make buildkernel
make installkernel
make installworld

mergemaster -UiP
shutdown -r now

On Thu, Oct 19, 2017 at 5:02 PM, Kurt Jaeger  wrote:

> Hi!
>
> > yes I can boot single mode, mount / , etc
>
> Try to boot single user mode with the new kernel, then re-run
>
> make installworld
> mergemaster -UiP
>
> The normal way to do it is to reboot after
>
> make installkernel
>
> If you ran the installworld before the reboot, some files might
> not be copied.
>
> Another thing: Try to run
>
> ifconfig
>
> and see if it can list the interfaces of the box. Maybe it's the
> old ifconfig binary still left.
>
> > Why you think its a kernel problem not some file that I change
> > in mergemaster questions
>
> I vagely remember that there was an ifconfig thing sometime around
> 9.x.
>
> --
> p...@opsec.eu+49 171 3101372 3 years to
> go !
>
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Kurt Jaeger]

Hi!

> yes I can boot single mode, mount / , etc

Try to boot single user mode with the new kernel, then re-run

make installworld
mergemaster -UiP

The normal way to do it is to reboot after

make installkernel

If you ran the installworld before the reboot, some files might
not be copied.

Another thing: Try to run

ifconfig

and see if it can list the interfaces of the box. Maybe it's the
old ifconfig binary still left.

> Why you think its a kernel problem not some file that I change
> in mergemaster questions

I vagely remember that there was an ifconfig thing sometime around
9.x.

-- 
p...@opsec.eu+49 171 3101372 3 years to go !
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Denis Granato]

yes I can boot single mode, mount / , etc
Why you think its a kernel problem not some file that I change
in mergemaster questions

because, I boot the serve once and the 9.1-> 9.3 worked
after mergemaster and reboot that happened

On Thu, Oct 19, 2017 at 4:39 PM, Kurt Jaeger  wrote:

> Hi!
>
> > I follow the steps (that Kurt sent with his help)
> > After the mergemaster -UiP
> > the server stop at boot, after this point (see pictures attached)
>
> Can you boot single-mode ?
>
> Can you boot the old kernel ?
>
> --
> p...@opsec.eu+49 171 3101372 3 years to
> go !
>
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Denis Granato]

Good afternoon Kurt and everyone

I follow the steps (that Kurt sent with his help)
After the mergemaster -UiP
the server stop at boot, after this point

cant attach pictures because of the size, follow some messages errors

ifconfig: ioctl (set name): file exists

/etc/rc warning $ipv6_ifconfig_lo0 is obsolete

ifconfig: lo0 bad value
eval list_vars: not found
eval: sort_lite: not found

these last 3, continues repeatly for ever
I cant get the login screen

On Tue, Oct 17, 2017 at 5:11 PM, Kurt Jaeger  wrote:

> Hi!
>
> > > uname -a
> [...]
> > > *server# uname -aFreeBSD server.avgroup.loc 9.1-PRERELEASE FreeBSD
>
> So you have a PRERELEASE version and you have a custom kernel.
>
> Do you know why that is ? Any specific change that needs to
> be in that kernel config ?
>
> Please check if you have a 'svn' binary somewhere, because it looks
> like you need to do a source upgrade first.
>
> rm -rf /usr/obj /usr/src
> mkdir /usr/src
> cd /usr/src
> svn checkout https://svn.freebsd.org/base/release/9.3.0/ .
> make buildworld
> make buildkernel
> make installkernel
> make installworld
> mergemaster -UiP
> shutdown -r now
> cd /usr/src
> make check-old
> make delete-old
> make delete-old-libs
>
> > *server# freebsd-update -r 9.3-RELEASE upgradeLooking up
> update.freebsd.org
> >  mirrors... 3 mirrors found.Fetching public
> key
> > from update6.freebsd.org... failed.Fetching public key from
> > update5.freebsd.org... failed.Fetching public key from
> > update4.freebsd.org... failed.No mirrors remaining, giving up*
>
> Well, freebsd-update only works on GENERIC kernels and systems, so
> your first step needs to be a source upgrade.
>
> Please note: Your binaries from 9.1-PRE will work on 9.3, and probably on
> 10.x, so no need to worry about the packages installed for now.
>
> You can rebuild your ports when you're on 10.x.
>
> --
> p...@opsec.eu+49 171 3101372 3 years to
> go !
>
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Kurt Jaeger]

Hi!

> I follow the steps (that Kurt sent with his help)
> After the mergemaster -UiP
> the server stop at boot, after this point (see pictures attached)

Can you boot single-mode ?

Can you boot the old kernel ?

-- 
p...@opsec.eu+49 171 3101372 3 years to go !
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

[Kevin Oberman]

On Wed, Oct 18, 2017 at 3:12 AM, Denis Granato 
wrote:

> thanks guys , I will try and let you know
> about the kernel, I think was for ipfw or something
>

No need for a custom kernel for this. If you configure ipfw in rc.conf as
per the Handbook (29.4), it will load the module and your configuration
using the GENERIC kernel.

I might also point out that use of freebsd-update does NOT require that you
run a GENERIC kernel. This is discussed in the Handbook (23.2). You MUST
have a copy of the GENERIC kernel, either as your boot kernel or by placing
a copy of the GENERIC kernel in /boot/GENERIC. (N.B. This is a file name,
not a directory.) This does require rebuilding your custom kernel after the
update is otherwise complete.
--
Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkober...@gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683

>
>
>
> On Tue, Oct 17, 2017 at 5:11 PM, Kurt Jaeger  wrote:
>
> > Hi!
> >
> > > > uname -a
> > [...]
> > > > *server# uname -aFreeBSD server.avgroup.loc 9.1-PRERELEASE FreeBSD
> >
> > So you have a PRERELEASE version and you have a custom kernel.
> >
> > Do you know why that is ? Any specific change that needs to
> > be in that kernel config ?
> >
> > Please check if you have a 'svn' binary somewhere, because it looks
> > like you need to do a source upgrade first.
> >
> > rm -rf /usr/obj /usr/src
> > mkdir /usr/src
> > cd /usr/src
> > svn checkout https://svn.freebsd.org/base/release/9.3.0/ .
> > make buildworld
> > make buildkernel
> > make installkernel
> > make installworld
> > mergemaster -UiP
> > shutdown -r now
> > cd /usr/src
> > make check-old
> > make delete-old
> > make delete-old-libs
> >
> > > *server# freebsd-update -r 9.3-RELEASE upgradeLooking up
> > update.freebsd.org
> > >  mirrors... 3 mirrors found.Fetching public
> > key
> > > from update6.freebsd.org... failed.Fetching public key from
> > > update5.freebsd.org... failed.Fetching public key from
> > > update4.freebsd.org... failed.No mirrors remaining, giving up*
> >
> > Well, freebsd-update only works on GENERIC kernels and systems, so
> > your first step needs to be a source upgrade.
> >
> > Please note: Your binaries from 9.1-PRE will work on 9.3, and probably on
> > 10.x, so no need to worry about the packages installed for now.
> >
> > You can rebuild your ports when you're on 10.x.
> >
> > --
> > p...@opsec.eu+49 171 3101372 3 years
> to
> > go !
> >
> ___
> freebsd-stable@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
>
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"