Corporate WiFi. FreeRadius + FreeIPA + Ubiquiti


Some aspects of setting up corporate WiFi have been described before. Here I will describe my implementation of such a solution and the problems I ran into while connecting different devices. We will use the existing LDAP with its existing users, set up FreeRadius and configure WPA2-Enterprise on the Ubnt controller. Everything looks simple. Let's see…

A little about EAP types

Before getting to work, we need to decide which authentication method we will use in our solution.

From Wikipedia:

EAP is an authentication framework frequently used in wireless networks and point-to-point connections. The format was first defined in RFC 3748 and updated in RFC 5247.
EAP is used to select an authentication method, exchange keys, and process those keys with plugins called EAP methods. There are many EAP methods, both defined together with EAP itself and released by individual vendors. EAP does not define the link layer; it only defines the message format. Each protocol that uses EAP has its own protocol for encapsulating EAP messages.

The methods themselves:

  • LEAP is a proprietary protocol developed by CISCO. It has vulnerabilities. Not currently recommended for use
  • EAP-TLS is well supported among wireless vendors. It is a secure protocol, since it is the successor of the SSL standards. Client setup is rather complicated. A client certificate is needed in addition to the password. Supported on many systems
  • EAP-TTLS - widely supported on many systems, offers good security while using PKI certificates only on the authentication server.
  • EAP-MD5 is another open standard. Offers minimal security. Does not support mutual authentication or key generation
  • EAP-IKEv2 - based on Internet Key Exchange Protocol version 2. Provides mutual authentication and session key establishment between client and server.
  • PEAP is a joint proposal by CISCO, Microsoft and RSA Security as an open standard. Widely available in products, provides very good security. Like EAP-TTLS, it requires a server-side certificate
  • PEAPv0/EAP-MSCHAPv2 - After EAP-TLS, the second most widely used standard in the world. The client side is used in Microsoft, Cisco, Apple, Linux
  • PEAPv1/EAP-GTC - Created by Cisco as an alternative to PEAPv0/EAP-MSCHAPv2. Does not protect the authentication data in any way. Not supported on Windows
  • EAP-FAST is a method developed by Cisco to fix the shortcomings of LEAP. Uses a Protected Access Credential (PAC). Not entirely finished

With all this variety, the choice is still not wide. The authentication method had to be reasonably secure, be supported on all devices (Windows 10, macOS, Linux, Android, iOS) and, ideally, be simple. So the choice fell on EAP-TTLS combined with the PAP protocol.
The question may arise: why use PAP? After all, it sends passwords in clear text?

Yes, that's right. This is exactly how FreeRadius and FreeIPA talk to each other. In debug mode you can trace how the username and password are transmitted. Yes, and let them be; only you have access to the FreeRadius server.

You can read more about how EAP-TTLS works here

FreeRADIUS

We install FreeRadius on CentOS 7.6. Nothing complicated here, we install it the standard way.

yum install freeradius freeradius-utils freeradius-ldap -y

Version 3.0.13 is installed from the packages. The latest one can be taken from https://freeradius.org/

After this, FreeRadius already works. You can uncomment the line in /etc/raddb/users

steve   Cleartext-Password := "testing"

Start the server in debug mode

freeradius -X

And make a test connection from localhost

radtest steve testing 127.0.0.1 1812 testing123

We get the response Received Access-Accept Id 115 from 127.0.0.1:1812 to 127.0.0.1:56081 length 20, which means everything is fine. Moving on.
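What that radtest exchange looks like on the wire, as an added example that is not part of the original article: a stand-alone Python model of the RFC 2865 PAP Access-Request and its Access-Accept, using the same user, password and shared secret (testing123) as above. It also shows why the shared secret that later goes into clients.conf has to match on both sides: with a mismatch the reply cannot even be verified.

```python
import hashlib
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD, NAS_IP_ADDRESS, NAS_PORT = 1, 2, 4, 5


def password_blocks(data: bytes, secret: bytes, authenticator: bytes, hide: bool) -> bytes:
    """RFC 2865 5.2 User-Password hiding: each 16-byte block is XORed with
    MD5(secret + previous ciphertext block); the first block is chained to the
    Request Authenticator. hide=False reverses it (what the server does)."""
    if hide:
        data += b"\x00" * (-len(data) % 16)   # pad the cleartext to whole blocks
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = bytes(a ^ k for a, k in zip(data[i:i + 16], keystream))
        out, prev = out + block, (block if hide else data[i:i + 16])
    return out if hide else out.rstrip(b"\x00")


def attribute(kind: int, value: bytes) -> bytes:
    return bytes([kind, len(value) + 2]) + value   # Type, Length, Value


def parse_attributes(raw: bytes) -> dict:
    attrs, i = {}, 0
    while i < len(raw):
        kind, length = raw[i], raw[i + 1]
        attrs[kind] = raw[i + 2:i + length]
        i += length
    return attrs


def build_access_request(ident: int, user: str, password: str, secret: bytes, req_auth: bytes) -> bytes:
    """The Access-Request that radtest sends (Message-Authenticator left out for brevity)."""
    attrs = (attribute(USER_NAME, user.encode())
             + attribute(USER_PASSWORD, password_blocks(password.encode(), secret, req_auth, True))
             + attribute(NAS_IP_ADDRESS, bytes([127, 0, 0, 1]))
             + attribute(NAS_PORT, struct.pack("!I", 0)))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs


def radius_server(packet: bytes, secret: bytes, users: dict) -> bytes:
    """Stand-in for FreeRADIUS with a Cleartext-Password entry in raddb/users:
    unhide the PAP password, compare it, and sign the reply with the shared secret."""
    _, ident, length = struct.unpack("!BBH", packet[:4])
    req_auth, attrs = packet[4:20], parse_attributes(packet[20:length])
    user = attrs[USER_NAME].decode(errors="replace")
    given = password_blocks(attrs[USER_PASSWORD], secret, req_auth, False)
    code = ACCESS_ACCEPT if user in users and given == users[user].encode() else ACCESS_REJECT
    header = struct.pack("!BBH", code, ident, 20)   # no attributes in the reply
    return header + hashlib.md5(header + req_auth + secret).digest()   # Response Authenticator


def radtest(user: str, password: str, client_secret: bytes, users: dict, server_secret: bytes = b"") -> str:
    """Run the exchange in-process. A secret that differs between clients.conf and the
    NAS does not give a clean Access-Reject: the reply cannot be verified at all."""
    req_auth = os.urandom(16)
    request = build_access_request(115, user, password, client_secret, req_auth)
    response = radius_server(request, server_secret or client_secret, users)
    header, resp_auth, reply_attrs = response[:4], response[4:20], response[20:]
    if hashlib.md5(header + req_auth + reply_attrs + client_secret).digest() != resp_auth:
        return "Response Authenticator invalid (shared secret mismatch?)"
    return "Access-Accept" if response[0] == ACCESS_ACCEPT else "Access-Reject"
```

The password is only XOR-masked with an MD5 keystream derived from the shared secret, which is why the article's PAP traffic is acceptable only on the trusted link between the access points and FreeRadius, and why the EAP-TTLS tunnel protects it in the air.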

Enable the ldap module.

ln -s /etc/raddb/mods-available/ldap /etc/raddb/mods-enabled/ldap

And edit it a little. FreeRadius needs to be able to reach FreeIPA

mods-enabled/ldap

ldap {
    server = "ldap://ldap.server.com"
    # 636 is the LDAPS port; STARTTLS is normally negotiated on 389. Check which
    # one FreeIPA listens on before combining port = 636 with start_tls = yes.
    port = 636
    start_tls = yes
    identity = "uid=admin,cn=users,dc=server,dc=com"
    password = **********
    base_dn = "cn=users,dc=server,dc=com"
    set_auth_type = yes
    ...
    user {
        base_dn = "${..base_dn}"
        filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
    }
    ...

Restart the radius server and check that LDAP users can log in:

radtest user_ldap password_ldap localhost 1812 testing123

Edit eap in mods-enabled/eap
Here we add two instances of eap. They differ in their certificates and keys. I'll explain why below.

mods-enabled/eap

eap eap-client {
    default_eap_type = ttls
    timer_expire = 60
    ignore_unknown_eap_types = no
    cisco_accounting_username_bug = no
    max_sessions = ${max_requests}
    tls-config tls-common {
        private_key_file = ${certdir}/first.key
        certificate_file = ${certdir}/first.crt
        dh_file = ${certdir}/dh
        ca_path = ${cadir}
        cipher_list = "HIGH"
        cipher_server_preference = no
        ecdh_curve = "prime256v1"
        check_crl = no
    }
    ttls {
        tls = tls-common
        default_eap_type = md5
        copy_request_to_tunnel = no
        use_tunneled_reply = yes
        virtual_server = "inner-tunnel"
    }
}
eap eap-guest {
    default_eap_type = ttls
    timer_expire = 60
    ignore_unknown_eap_types = no
    cisco_accounting_username_bug = no
    max_sessions = ${max_requests}
    tls-config tls-common {
        private_key_password = blablabla
        private_key_file = ${certdir}/server.key
        certificate_file = ${certdir}/server.crt
        dh_file = ${certdir}/dh
        ca_path = ${cadir}
        cipher_list = "HIGH"
        cipher_server_preference = no
        ecdh_curve = "prime256v1"
        check_crl = no
    }
    ttls {
        tls = tls-common
        default_eap_type = md5
        copy_request_to_tunnel = no
        use_tunneled_reply = yes
        virtual_server = "inner-tunnel"
    }
}

Then we edit sites-enabled/default. We are interested in the authorize and authenticate sections.

sites-enabled/default

authorize {
  filter_username
  preprocess
  if (&User-Name == "guest") {
    eap-guest {
      ok = return
    }
  }
  elsif (&User-Name == "client") {
    eap-client {
      ok = return
    }
  }
  else {
    eap-guest {
      ok = return
    }
  }
  ldap
  if ((ok || updated) && User-Password) {
    update {
      control:Auth-Type := ldap
    }
  }
  expiration
  logintime
  pap
}

authenticate {
  Auth-Type LDAP {
    ldap
  }
  Auth-Type eap-guest {
    eap-guest
  }
  Auth-Type eap-client {
    eap-client
  }
  pap
}

In the authorize section we remove all the modules we don't need. We leave only ldap. We add client authentication by username. That's why we added two instances of eap above.

Multiple EAP

The thing is that when connecting some devices we use system certificates and specify the domain. We have a certificate and key from a trusted certificate authority. In my opinion, this way of connecting is easier than pushing a self-signed certificate to every device. But it still isn't possible to do without self-signed certificates: Samsung devices and Android =< 6 don't know how to use system certificates. So we create a separate eap-guest instance for them with self-signed certificates. For all other devices we use eap-client with a certificate from the trusted CA. Which instance is used is determined by the Anonymous identity field when the device connects. Only 3 values are allowed: Guest, Client and an empty field. Everything else is discarded. This is configured in the policies; I'll give an example a little later.

Edit the authorize and authenticate sections in sites-enabled/inner-tunnel

sites-enabled/inner-tunnel

authorize {
  filter_username
  filter_inner_identity
  update control {
    &Proxy-To-Realm := LOCAL
  }
  ldap
  if ((ok || updated) && User-Password) {
    update {
      control:Auth-Type := ldap
    }
  }
  expiration
  digest
  logintime
  pap
}

authenticate {
  Auth-Type eap-guest {
    eap-guest
  }
  Auth-Type eap-client {
    eap-client
  }
  Auth-Type PAP {
    pap
  }
  ldap
}

Then we need to tell the policies which names may be used as the anonymous identity. Edit policy.d/filter.

You need to find lines like these:

if (&outer.request:User-Name !~ /^(anon|@)/) {
  update request {
    Module-Failure-Message = "User-Name is not anonymized"
  }
  reject
}

And below, in the elsif, add the allowed values:

elsif (&outer.request:User-Name !~ /^(guest|client|@)/) {
  update request {
    Module-Failure-Message = "User-Name is not anonymized"
  }
  reject
}

Now we need to go to the certs directory. There we need to put the key and certificate from the trusted certificate authority that we have, and we need to generate self-signed certificates for eap-guest.

Change the parameters in the ca.cnf file.

ca.cnf

...
default_days = 3650
default_md = sha256
...
input_password = blablabla
output_password = blablabla
...
countryName = RU
stateOrProvinceName = State
localityName = City
organizationName = NONAME
emailAddress = [email protected]
commonName = "CA FreeRadius"

We write the same values in the server.cnf file. We change only the
commonName:

server.cnf

...
default_days = 3650
default_md = sha256
...
input_password = blablabla
output_password = blablabla
...
countryName = RU
stateOrProvinceName = State
localityName = City
organizationName = NONAME
emailAddress = [email protected]
commonName = "Server Certificate FreeRadius"

Run:

make

Done. We get server.crt and server.key, which we registered above in eap-guest.

And finally, add our access points to the clients.conf file. I have 7 of them. To avoid adding each point separately, we register only the network they live in (my access points are in a separate VLAN).

client APs {
    ipaddr = 192.168.100.0/24
    # clients.conf uses "secret" for the shared secret; this is the value the
    # radius profile on the Ubiquiti controller must be given
    secret = password_AP
}

Ubiquiti setup

We allocate a separate network on the controller. Let it be 192.168.2.0/24
Go to settings -> profile. Create a new one:


Enter the address and port of the radius server and the shared secret that was written in the clients.conf file:


Create a new wireless network name. Select WPA-EAP (Enterprise) as the authentication type and specify the radius profile we created:


Save everything, apply and move on.

Client setup

Let's start with the hardest one!

Windows 10

The difficulty comes down to the fact that Windows can't connect to corporate WiFi via a domain. So we have to load our certificate into the trusted certificate store by hand. Here you can use either a self-signed one or one from a certificate authority. I'll use the second.

Then you need to create a new connection. To do this, go to Network and Internet settings -> Network and Sharing Center -> Set up a new connection or network:


Manually enter the network name and change the security type. Then click change connection settings and on the Security tab select the network authentication method - EAP-TTLS.


Go to settings and set the identity privacy - Client. As the trusted certification authority, select the certificate we added, check the box "Do not prompt the user if the server cannot be authorized" and select the authentication method - plaintext password (PAP).


Then go to the additional settings and check the "Specify authentication mode" box. Select "User authentication" and click save credentials. You need to enter username_ldap and password_ldap


Save, apply, close everything. You can now connect to the new network.

Linux

I tested on Ubuntu 18.04, 18.10, Fedora 29, 30.

First, download the certificate. On Linux I did not find out whether system certificates or some kind of store can be used.

We'll connect via the domain. So we need the certificate of the certificate authority that issued our certificate.

All connections are made in one window. Select our network:


anonymous identity - client
domain - the domain for which the certificate was issued

Android

Not Samsung

Starting with version 7, when connecting to WiFi you can use the system certificates by specifying only the domain:


domain - the domain for which the certificate was issued
anonymous identity - client

Samsung

As I wrote above, Samsung devices can't use system certificates when connecting to WiFi, and they have no option to connect via a domain. So you need to add the root certificate of the certificate authority by hand (ca.pem, take it from the Radius server). Here the self-signed one is used.

Download the certificate to the phone and install it.

Installing a certificate


In this case you have to set up a screen unlock method, a PIN code or a password, if one isn't set already:


I showed a complicated way of installing a certificate. On most devices it is enough to tap the downloaded certificate.

Once the certificate is installed, you can proceed to the connection:


CA certificate - specify the one you installed
anonymous identity - guest

macOS

Apple devices can only connect with EAP-TLS out of the box, and even then you have to give them a certificate. To specify a different connection method you need Apple Configurator 2. So first download it to your Mac, create a new profile and add all the necessary WiFi settings.

Apple Configurator


Here we specify the name of our network
Security Type - WPA2 Enterprise
Accepted EAP Types - TTLS
Username and password - leave blank
Inner Authentication - PAP
Outer Identity - client

Trusted certificate. Here we specify our server

That's all. The profile can be saved, signed and distributed to the devices
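The same profile built outside Apple Configurator, as an added example (not from the article and not Apple's code): the standard library's plistlib produces the .mobileconfig with exactly the settings listed above. The SSID, the trusted server name and the CA bytes are assumed values passed in by the caller; in practice ca_der would be the DER-encoded certificate of the CA that issued the server certificate.

```python
import plistlib
import uuid

EAP_TTLS = 21   # IANA EAP method type for TTLS; the only type this profile accepts


def _uuid() -> str:
    return str(uuid.uuid4()).upper()


def build_profile(ssid: str, ca_der: bytes, server_name: str, outer_identity: str = "client") -> bytes:
    """Return the XML .mobileconfig: one root-certificate payload and one Wi-Fi
    payload whose EAPClientConfiguration mirrors the Apple Configurator screen."""
    ca_uuid, wifi_uuid = _uuid(), _uuid()
    ca_payload = {
        "PayloadType": "com.apple.security.root",
        "PayloadIdentifier": f"example.ca.{ca_uuid}",   # assumed reverse-DNS prefix
        "PayloadUUID": ca_uuid,
        "PayloadVersion": 1,
        "PayloadDisplayName": "CA FreeRadius",
        "PayloadContent": ca_der,        # DER bytes of the CA certificate (serialised as <data>)
    }
    wifi_payload = {
        "PayloadType": "com.apple.wifi.managed",
        "PayloadIdentifier": f"example.wifi.{wifi_uuid}",
        "PayloadUUID": wifi_uuid,
        "PayloadVersion": 1,
        "PayloadDisplayName": f"Wi-Fi {ssid}",
        "SSID_STR": ssid,
        "HIDDEN_NETWORK": False,
        "AutoJoin": True,
        "EncryptionType": "WPA2",        # WPA2 plus EAPClientConfiguration = WPA2 Enterprise
        "EAPClientConfiguration": {
            "AcceptEAPTypes": [EAP_TTLS],                  # Accepted EAP Types - TTLS
            "TTLSInnerAuthentication": "PAP",              # Inner Authentication - PAP
            "OuterIdentity": outer_identity,               # Outer Identity - client
            # UserName / UserPassword are left out on purpose: the user is prompted on install
            "PayloadCertificateAnchorUUID": [ca_uuid],     # Trust: only this CA may sign the server cert
            "TLSTrustedServerNames": [server_name],        # Trust: expected name in the server cert
        },
    }
    profile = {
        "PayloadType": "Configuration",
        "PayloadIdentifier": "example.corp-wifi",
        "PayloadUUID": _uuid(),
        "PayloadVersion": 1,
        "PayloadDisplayName": "Corporate Wi-Fi (EAP-TTLS/PAP)",
        "PayloadContent": [ca_payload, wifi_payload],
    }
    return plistlib.dumps(profile)


def payloads(profile_xml: bytes) -> dict:
    """Parse a profile back and index its payloads by PayloadType (a pre-distribution check)."""
    return {p["PayloadType"]: p for p in plistlib.loads(profile_xml)["PayloadContent"]}
```

Checking the parsed-back EAPClientConfiguration before signing is a cheap way to make sure no profile leaves with a stored UserPassword or with the trust anchor missing.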

After the profile is ready, download it to your Mac and install it. During installation you will be asked for the user's username_ldap and password_ldap:


iOS

The process is the same as for macOS. You need to use a profile (you can use the same one as for macOS; see above for creating a profile in Apple Configurator).

Download the profile, install it, enter the credentials, connect:


That's it. We set up the Radius server, connected it to FreeIPA, and told the Ubiquiti access points to use WPA2-EAP.

Possible questions

Q: How do I deliver a profile/certificate to an employee?

A: I keep the certificates/profiles on an FTP server with access through the web. I set up a guest network with a speed limit and access only to the Internet, with the exception of the FTP server.
Authorization lasts 2 days, after which it is reset and the client is left without Internet. So, when an employee wants to connect to WiFi, they first connect to the guest network, log in to FTP, download the certificate or profile they need, install it, and can then connect to the corporate network.

Q: Why not use a scheme with MSCHAPv2? It's more secure!

A: Firstly, that scheme works well on NPS (Windows Network Policy Server); in our implementation we would additionally have to tie in LDAP (FreeIpa) and store password hashes on the server. Extra settings of that kind are not recommended, since they can lead to various problems with account synchronization. Secondly, the hash is MD4, so it doesn't add any security

Q: Can devices be authorized by MAC address?

A: No, this isn't secure: an attacker can spoof MAC addresses, and besides, authorization by MAC address isn't supported on many devices.

Q: Why use all these certificates? You can connect without them

A: The certificates are used to authorize the server. That is, when connecting, the device checks whether this is a server it can trust or not. If so, authentication proceeds; if not, the connection is closed. You can connect without certificates, but if an attacker or a neighbor sets up a radius server and an access point with the same name as ours at home, they can easily intercept user credentials (remember, they are sent in plain text). When a certificate is used, the adversary will see in their logs only our anonymous username - guest or client - and an error: Unknown CA Certificate

A little more about macOS

Normally, on macOS the system is restored over the Internet. In recovery mode the Mac has to be connected to WiFi, and neither our corporate WiFi nor the guest network will work here. Personally, I set up another network, a regular hidden WPA2-PSK one, purely for technical work. Alternatively you can prepare a bootable USB flash drive with the system in advance. But if your Mac is newer than 2015, you'll have to find an adapter for that flash drive)

Source: www.habr.com
