Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

TTLS (Tunneled TLS) establishes a TLS tunnel first, then authenticates inside using a simpler inner method (PAP, CHAP, MSCHAPv2). Less common than PEAP but still present in some enterprise environments.

Config File: TTLS/MSCHAPv2

wpa-enterprise-ttls.conf: 
network={
    ssid="NETWORK-NAME"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="DOMAIN\username"
    anonymous_identity="anonymous"
    password="password"
    phase2="auth=MSCHAPV2"
}

Config File: TTLS/PAP

network={
    ssid="NETWORK-NAME"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="DOMAIN\username"
    anonymous_identity="anonymous"
    password="password"
    phase2="auth=PAP"
}

Connect

sudo wpa_supplicant -Dnl80211 -i <INTERFACE> -c wpa-enterprise-ttls.conf
Get an IP address: 
sudo dhclient <INTERFACE> -v