I would like to be able to have some front desk people to click on a button and get a user name and password they can print out and then give to a user. This name should then expire after a specified time, like 24 or 48 hours, and automatically be removed from the system. The current system of adding users and then remembering to remove them is a bit complicated for the average front desk person. Is this something that can be done?
Also this is a very low security application so the ssl connection for user authentication is not needed. Can I get around using ssl so I don’t have to worry about the cert warnings?
tomorrow i will install zeroshell on a PC and test it a little bit if it is possible to use it in our guest-network.
i try to install a network, where every guest gets a unique username/password-combination, that is only 24 hours valid. the guest comes to our office, signes a list (which guest-network-access he got) and then he is able to connect to the guest-network with this username/password-combination. when the 24 hours are over, the combination of username and password is expired and he isn’t able to join the network anymore.
so you can exactly backtrack, which guest (name in the list + which guest-login) connected which websites or used which services (in case of abuse)
The captive portal of Zeroshell is able to authenticate the users against a Kerberos 5 KDC which allows to set the expiration time of the accounts.
Looking the Captive Portal logs you can associate the usernames to the IP addresses and then using the connection tracking logs you can know the services (Destination IP, Source Port and Destination Port) the users have used.