Mac Thread, Leopard 10.5 airport in Technical; Storing wireless keys in keychain access util ?
Is there anyway to encrypt the wireless key so that it is ...
25th January 2008, 11:16 AM #1
Leopard 10.5 airport
Storing wireless keys in keychain access util ?
Is there anyway to encrypt the wireless key so that it is not viewable so that we can add or allow students to use wireless without them being able to view the wep or wpa key ?
If they go into keychain access and view keychains they are able to go to the system section and double click on any of the added in wireless access points and tick the show password check box and it shows them the wep / wpa key which we do not want.
Any help much appreicated
IDG Tech News
25th January 2008, 11:36 AM #2
It prompts me for an administrator account when I do this...
25th January 2008, 01:51 PM #3
The student owns the laptop and has admin privs so if she found out about keychain the student could easily enter in the admin password to display the wireless key
25th January 2008, 02:44 PM #4
then why are you letting her attach it to your wireless?
25th January 2008, 03:37 PM #5
so they can work on there own laptops without using an ethernet port because there are no ethernet ports in the classroom bar maybe one or two but those are for the sims or staff machines.
side tracking a bit, anyway - is there a way of doing it so that the student can not access or view the wireless key via the keychain access util ?
Last edited by mac_shinobi; 25th January 2008 at 03:41 PM.
25th January 2008, 03:53 PM #6
No, I don't think there is I'm afraid.
Originally Posted by gecko
I think your only bet would be to introduce some form of network authentication, so that non-authorised machines couldn't connect even with the password.
Just a quick note, joining a laptop to the network which doesn't belong to the school could cause problems with the DPA. Do the SMT know about and support this?
25th January 2008, 03:56 PM #7
25th January 2008, 04:09 PM #8
DPA = Data protection Act
SMT = Senior Management Team
25th January 2008, 04:14 PM #9
we have joined a quite a lot of students windows laptops and this is the first mac laptop that we have gotten with regards to joining to the network wirelessly, so am guessing so.
25th January 2008, 04:28 PM #10
you also now have the problem of this password being passed around and now anyone can bypass you to join your network (not good!!)
25th January 2008, 04:43 PM #11
2nd you on the "not good!"
Originally Posted by gaz350
26th January 2008, 09:53 AM #12
The Keychain files themselves are actually encrypted. The problems with your scenario are that:
1. The student *is* the administrator of the laptop
2. Therefore the student has the Keychain Password and can read the passwords stored in their account Keychain.
There isn't any way around this that I can think of so long as you aren't managing the machines via Open Directory. Sorry.
Now you would be best resetting the wireless encryption key and risking the onslaught, explaining that you can't give out the key securely. There needs to be some "edge" security to your network.
26th January 2008, 09:58 AM #13
oh dear, indeed !
Originally Posted by kingswood
what do you mean by edge security ? What I did is I tried it with one of the wireless access points and then I deleted it completely out of key chain access and also made sure it wasn't in the network section in system prefs.
If we were to get os x server ( open directory ) have you got a guide on how we would do it ?
haven't heard from you in a while @ kingswood
26th January 2008, 03:20 PM #14
Edge security is some form of controlling device access to the network - such as NAC by cisco, or mac based filtering (which isn't actually that secure, it is just a deterant) or something like that.
Originally Posted by gecko
By ZeroHour in forum General Chat
Last Post: 8th January 2008, 10:33 AM
Last Post: 11th December 2007, 04:40 PM
By timbo343 in forum General Chat
Last Post: 4th July 2007, 08:45 AM
Last Post: 8th August 2006, 09:51 PM
Last Post: 30th July 2006, 04:53 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)