Aktualisierung Opennet CA Zertifikat auf APs: Unterschied zwischen den Versionen
Leo (Diskussion | Beiträge) (→Zu aktualisierende APs: Zuständigkeiten aktualisiert) |
Leo (Diskussion | Beiträge) (→Zu aktualisierende APs: Zuständigkeit aktualisiert) |
||
Zeile 126: | Zeile 126: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |Martin fragt Christian |
|Friedrichstraße 32, Steffen | |Friedrichstraße 32, Steffen | ||
|---- | |---- | ||
Zeile 158: | Zeile 158: | ||
| | | | ||
| | | | ||
− | | | + | |ist kompetent genug |
|Parkstr. 31 , Christian W. | |Parkstr. 31 , Christian W. | ||
|---- | |---- | ||
Zeile 303: | Zeile 303: | ||
|opennet0.6.sdk | |opennet0.6.sdk | ||
|Atheros AR7240 (Python) NanoStation M5 | |Atheros AR7240 (Python) NanoStation M5 | ||
− | | | + | |Jan aktualisiert selbst |
|Margaretenstrasse 40 , Jan C. | |Margaretenstrasse 40 , Jan C. | ||
|---- | |---- | ||
Zeile 334: | Zeile 334: | ||
| | | | ||
|white russian 0.11ipkg-13 0x467/00 | |white russian 0.11ipkg-13 0x467/00 | ||
− | | | + | |Martin fragt Mathias |
|Alt Meteln OT Böken, Dorfstr. 9 , Jan B. | |Alt Meteln OT Böken, Dorfstr. 9 , Jan B. | ||
|---- | |---- | ||
Zeile 341: | Zeile 341: | ||
|0.11ipkg-13 | |0.11ipkg-13 | ||
|bcm94710dev/asusX | |bcm94710dev/asusX | ||
− | | | + | |Martin fragt Christian |
|Dändorf/Fischland-Darss , Martin S. | |Dändorf/Fischland-Darss , Martin S. | ||
|---- | |---- | ||
Zeile 354: | Zeile 354: | ||
|opennet0.6.sdk | |opennet0.6.sdk | ||
|Atheros AR7240 (Python) NanoStation Loco M5 | |Atheros AR7240 (Python) NanoStation Loco M5 | ||
− | | | + | |Philipp fragt |
|Ziolkowskistr. 8b , Juliane M. | |Ziolkowskistr. 8b , Juliane M. | ||
|---- | |---- |
Version vom 30. März 2015, 21:07 Uhr
Nächsten Monat, konkret 12.April 2015, läuft das alte Zertifikat der Opennet CA aus. Daher muss innerhalb der nächsten 35 Tage das alte CA Zerttifikat auf allen alten APs ersetzt werden durch ein neues.
Inhaltsverzeichnis |
Fragen
Folgende Fragen stehen dazu im Raum:
- Bei welchen APs ist nur das alte Zertifikat installiert?
- Bei welchen Firmwareversionen wurden welche Zertifikate installiert?
- Sollen Zertifikate nur ausgetauscht werden oder gleich eine aktuelle Firmware installiert werden (abhängig von Harware)?
Übersicht Firmwareversion - CA-Certs
Die folgende Tabelle listet auf, in welcher Firmwareversion welche CA Zertifikate enthalten sind.
Firmwareversion | enthaltene CA Zertifikate |
---|---|
0.5.0 | ca33,ca24,ca15 |
0.4.5 | ca15 |
0.3.10 | ca15 |
0.1 | ca15 |
Dabei ist zu beachten, dass die alten CA-Zertifikate bei einem Firmware-Upgrade übernommen werden. Das heißt, dass durchaus eine Firmware-Version 0.5.0 mit altem CA-Zertifikat ausgestattet sein kann, weil sie von einer Version v0.4.x aktualisiert wurde.
Legende:
Serial Number | Ablaufdatum | Abkürzung |
---|---|---|
d0:94:11:ca:45:ba:b5:f1 | Dec 21 23:59:59 2033 GMT | ca33 |
9e:76:cf:71:0f:71:fe:f1 | Mar 27 10:07:32 2024 GMT | ca24 |
0 (0x0) | Apr 12 15:27:40 2015 GMT | ca15 |
Anleitung für Aktualisierung
openwrt-basierte Firmware
Das folgende Kommando ist für die verschiedenen Generationen (0.9ON5, 0.3-x, 0.4-x, 0.5-x) anwendbar:
wget -q -O - http://ca.on-i.de/tools/upgrade_ca_2005.sh | sh -s auto
Wirkungsweise:
- Wird eine alte CA (2005) entdeckt (wie erwartet), dann wird diese auf die Version von 2013 aktualisiert.
- Im Falle einer aktuellen CA wird dieser Fakt ausgegeben und das Skript beendet sich.
- Im Falle einer nicht erkannten CA meldete das Skript dies. Ersetze in diesem Fall "auto" durch "force", falls du die CA trotzdem austauschen möchtest.
AirOS-basierte Firmware
ACHTUNG: dieser Ablauf ist kaum getestet!
Die folgenden Kommandos sollten die CA auf dem Gerät aktualisieren:
wget -q -O - http://ca.on-i.de/tools/upgrade_ca_2005.sh | sh -s auto cp /etc/openvpn/opennet_user/opennet-ca.crt /etc/persistent/opennet_user/ uci set openvpn.opennet_user.ca=/etc/persistent/opennet_user/opennet-ca.crt cfgmtd -p /etc -w
Zu aktualisierende APs
Auf der Firmware_Status Seite, werden alle APs mit ondataservice angezeigt. Dort kann die Firmwareversion entnommen werden.
Übersicht der APs mit Nutzer-VPN-Tunnel.
IP | OS Version | ONI Version | Gerät | CA-Status / Passwort-Zugänglichkeit | Standort / Eigentümer |
---|---|---|---|---|---|
192.168.1.3 | OK | ||||
192.168.1.6 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.7 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.8 | kein AP - ignorieren | ||||
192.168.1.13 | barrier_breaker | 0.4-6 | OK | ||
192.168.1.14 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Mail verschickt | Julius R. Client von Ulmenstr. West |
192.168.1.17 | OK | ||||
192.168.1.19 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.21 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.22 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Martin fragt Christian | Friedrichstraße 32, Steffen |
192.168.1.25 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.27 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Bullet M | OK | |
192.168.1.35 | white russian | 0.11ipkg-13 | 0x0708/42 | nur UGW | |
192.168.1.36 | Martin fragt | Am Kabutzenhof 17 , Stefan A. | |||
192.168.1.39 | ist kompetent genug | Parkstr. 31 , Christian W. | |||
192.168.1.40 | OK | ||||
192.168.1.41 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.42 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.44 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.45 | OK | ||||
192.168.1.48 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 1 | OK | |
192.168.1.54 | barrier_breaker | 0.5.1 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.56 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.58 | white russian 0.11ipkg-13 0x467/00 | OK | |||
192.168.1.60 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.61 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.65 | AirOS | OK | |||
192.168.1.74 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.75 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 2 | OK | |
192.168.1.87 | OK | ||||
192.168.1.90 | white russian | 0.11ipkg-13 | 0x0467/42 | nur UGW | |
192.168.1.91 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.100 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.103 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.105 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.106 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.109 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.120 | nur UGW | ||||
192.168.1.121 | XM.v5.5 | opennet0.6.sdk | Atheros AR7240 (Python) NanoStation M5 | Jan aktualisiert selbst | Margaretenstrasse 40 , Jan C. |
192.168.1.122 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 2 | OK | |
192.168.1.124 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.128 | backfire | 0.4-1 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.129 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Bullet M | OK | |
192.168.1.130 | white russian 0.11ipkg-13 0x467/00 | Martin fragt Mathias | Alt Meteln OT Böken, Dorfstr. 9 , Jan B. | ||
192.168.1.135 | white russian | 0.11ipkg-13 | bcm94710dev/asusX | Martin fragt Christian | Dändorf/Fischland-Darss , Martin S. |
192.168.1.138 | chaos_calmer | 0.5.0-694 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.140 | XM.v5.5 | opennet0.6.sdk | Atheros AR7240 (Python) NanoStation Loco M5 | Philipp fragt | Ziolkowskistr. 8b , Juliane M. |
192.168.1.142 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.143 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.148 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.149 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.151 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 TP-LINK TL-MR3420 | Martin fragt | Vossstraße 20 , Verein, Henning, Wem gehört dieses Gerät eigentlich? |
192.168.1.154 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.156 | chaos_calmer | 0.5.0-308 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.158 | white russian 0.11ipkg-13 0x0467/42 | Martin - Jörg | Groß Potrems, Dorfstraße 8 , Dirk L. | ||
192.168.1.163 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.167 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 1 | OK | |
192.168.1.175 | attitude_adjustment | 0.4-6 | Atheros AR7161 rev 2 MikroTik RouterBOARD 450G | Lars fragt | Rene Ejury |
192.168.1.176 | Lars | Satower Straße 55 , Verein | |||
192.168.1.178 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.180 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Lars fragt | Tschaikowskistr. 1a , Rene (Steffen) |
192.168.1.181 | barrier_breaker | 0.5.1-alpha-755 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.184 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.190 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Bullet M | Martin fragt Jörg | Groß Potrems, Dorfstraße,Michael Birth |
192.168.1.195 | ist kompetent genug | Brahestraße 36 , Christoph K. | |||
192.168.1.198 | white russian | 0.11ipkg-13 | 0x0467/42 | OK | |
192.168.1.199 | OK | ||||
192.168.1.203 | barrier_breaker | 0.5.2-unstable-1045 | Atheros AR9344 rev 2 TP-LINK TL-WDR3600/4300/4310 | OK | |
192.168.1.204 | OK | ||||
192.168.1.207 | OK | ||||
192.168.1.210 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.212 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Philipp fragt | Dethardingstr. 15 , Robert M. |
192.168.1.215 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.216 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.220 | OK | ||||
192.168.1.223 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Philipp fragt | Parkstraße xxx , Michael W. |
192.168.1.224 | chaos_calmer | 0.5.0-694 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.225 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.226 | OK | ||||
192.168.1.238 | white russian 0.11ipkg-13 0x0467/42 | Martin fragt | Klein Wokern , Jens K. | ||
192.168.1.239 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.240 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Lars fragt | Warnowufer 30 , Jörg K. |
192.168.1.244 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.245 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.247 | OK | ||||
192.168.1.249 | backfire | 0.4-1 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | Martin fragt | Neubrandenburger Str. / Kassebohm-Kiesgrube , Fam Hänler |
192.168.1.250 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.9 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.2.13 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.14 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.19 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.2.21 | attitude_adjustment | 0.4-5 | Atheros AR9344 rev 2 TP-LINK TL-WDR3600/4300/4310 | OK | |
192.168.2.22 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.23 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Passwort? Philipp fragt | Leonardstraße 22 , Schöppa |
192.168.2.26 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.27 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.29 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.34 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.46 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Bullet M | OK | |
192.168.2.50 | barrier_breaker | 0.5.1-unstable-1036 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.51 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.53 | kein AP - ignorieren | ||||
192.168.2.55 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.57 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.62 | XM.v5.3.3 | opennet0.6.sdk | Atheros AR7240 (Python) NanoStation M5 | OK | |
192.168.2.64 | barrier_breaker | 0.5.1-unstable-853 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.2.66 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 TP-LINK TL-MR3420 | OK | |
192.168.2.68 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.2.69 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.70 | Passwort? Henning. Lars. | Patriotischer Weg 52 , Christian L. | |||
192.168.2.77 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.83 | OK | ||||
192.168.2.84 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.86 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.88 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.92 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.93 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.94 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.96 | chaos_calmer | 0.5.0-694 | Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | OK | |
192.168.2.97 | OK | ||||
192.168.2.106 | barrier_breaker | 0.5.1-unstable-845 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.109 | barrier_breaker | 0.5.1-alpha-755 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.115 | chaos_calmer | 0.5.0-694 | Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | OK | |
192.168.2.121 | barrier_breaker | 0.5.1-unstable-845 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.122 | barrier_breaker | 0.5.1-unstable-845 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.125 | chaos_calmer | 0.5.0-694 | Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | OK | |
192.168.2.127 | barrier_breaker | 0.5.1-1040 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.2.128 | barrier_breaker | 0.5.1-1040 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.2.129 | barrier_breaker | 0.5.1-1040 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.134 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.144 | barrier_breaker | 0.5.1-unstable-1036 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.146 | barrier_breaker | 0.5.2-unstable-1064 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK |