Hi,

My switcher support radius client and I've setup one radius server based on
freeradius and client run xsupplicant to realize the authentication. Now I
have to update the client key file by hand, another question, I may copy the
client key file to other machines and set up the authentication
successfully. I wanna find ways to resolve these questions:

1. Generate the client key file automatically when one user login
rightly. after he logout, the machine is rejected by the network.
2. How to keep the key file usable on only one machine?
3. Since radius protocols authenticate the port, if there's two machines
connect to the port through one hub, and one machine is rightful and the
other not, after the rightful machine set up the authentication, the port is
open to the unlawful one, which measures may be used to close the hole?

Have a good day!

B.R.

Joffre