Aktualisierung Opennet CA Zertifikat auf APs: Unterschied zwischen den Versionen
Lars (Diskussion | Beiträge) (AP1.56, AP1.65, AP1.198, AP1.204) |
Lars (Diskussion | Beiträge) (Hinweise für fehlende Internetverbindung) |
||
(38 dazwischenliegende Versionen von 8 Benutzern werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
− | Nächsten Monat, konkret 12.April 2015, läuft das alte Zertifikat der Opennet CA aus. Daher muss innerhalb der nächsten | + | {{hinweis|Diese Wiki-Seite beschreibt die CA-Zertifikatsaktualisierung, die auf allen APs Anfang 2015 erforderlich war. Diese Beschreibung hat lediglich historischen Wert.}} |
+ | |||
+ | Nächsten Monat, konkret 12. April 2015, läuft das alte Zertifikat der Opennet CA aus. Daher muss innerhalb der nächsten Tage das alte CA Zerttifikat auf allen alten APs ersetzt werden durch ein neues. | ||
== Fragen == | == Fragen == | ||
Zeile 23: | Zeile 25: | ||
|} | |} | ||
− | Dabei ist zu beachten, dass die alten CA-Zertifikate bei einem Firmware-Upgrade | + | Dabei ist zu beachten, dass die alten CA-Zertifikate bei einem Firmware-Upgrade erhalten bleiben. Das heißt, dass durchaus eine Firmware-Version 0.5.0 mit altem CA-Zertifikat ausgestattet sein kann, weil sie von einer Version v0.4.x aktualisiert wurde. |
Legende: | Legende: | ||
Zeile 37: | Zeile 39: | ||
|} | |} | ||
− | == Anleitung für Aktualisierung == | + | == Anleitung für die Aktualisierung == |
+ | |||
=== openwrt-basierte Firmware === | === openwrt-basierte Firmware === | ||
Das folgende Kommando ist für die verschiedenen Generationen (0.9ON5, 0.3-x, 0.4-x, 0.5-x) anwendbar: | Das folgende Kommando ist für die verschiedenen Generationen (0.9ON5, 0.3-x, 0.4-x, 0.5-x) anwendbar: | ||
Zeile 57: | Zeile 60: | ||
cfgmtd -p /etc -w | cfgmtd -p /etc -w | ||
+ | === Sonderfall: fehlende Internetverbindung === | ||
+ | Falls auf dem AP aktuell keine Internetverbindung vorhanden ist, schlagen die oben beschriebenen Schritte fehl. | ||
+ | |||
+ | In diesem Fall muss zuvor folgendes ausgeführt werden: | ||
+ | echo "192.168.10.2 ca.on-i.de" >>/etc/hosts | ||
+ | |||
+ | Im Anschluss an die Aktualisierung sollte dieser Workaround unbedingt wieder beräumt werden, andernfalls wird es später zu verwirrenden Phänomenen kommen: | ||
+ | sed -i '/^192.168.10.2 ca.on-i.de$/d' /etc/hosts | ||
== Zu aktualisierende APs == | == Zu aktualisierende APs == | ||
Zeile 66: | Zeile 77: | ||
|- | |- | ||
! IP || OS Version || ONI Version || Gerät || CA-Status / Passwort-Zugänglichkeit || Standort / Eigentümer | ! IP || OS Version || ONI Version || Gerät || CA-Status / Passwort-Zugänglichkeit || Standort / Eigentümer | ||
+ | |---- | ||
+ | |192.168.1.3 | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |OK | ||
|---- | |---- | ||
|192.168.1.6 | |192.168.1.6 | ||
Zeile 84: | Zeile 101: | ||
| | | | ||
|kein AP - ignorieren | |kein AP - ignorieren | ||
− | |||
|---- | |---- | ||
|192.168.1.13 | |192.168.1.13 | ||
Zeile 96: | Zeile 112: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.17 | ||
| | | | ||
− | | | + | | |
+ | | | ||
+ | |OK | ||
|---- | |---- | ||
|192.168.1.19 | |192.168.1.19 | ||
Zeile 115: | Zeile 136: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.25 | |192.168.1.25 | ||
Zeile 128: | Zeile 148: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Bullet M | |Atheros AR7241 rev 1 Ubiquiti Bullet M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.35 | ||
+ | |white russian | ||
+ | |0.11ipkg-13 | ||
+ | |0x0708/42 | ||
+ | |nur UGW | ||
+ | |---- | ||
+ | |192.168.1.36 | ||
+ | |white russian | ||
+ | |0.11ipkg-14pre2 | ||
+ | |Linksys WRT54GL | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.39 | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.40 | ||
+ | | | ||
+ | | | ||
+ | | | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 140: | Zeile 184: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.43 | ||
+ | |attitude_adjustment | ||
+ | |0.4-5 | ||
+ | | | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 146: | Zeile 196: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.45 | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.48 | ||
+ | |backfire | ||
+ | |0.3-10 | ||
+ | |Broadcom BCM4712 chip rev 1 | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 157: | Zeile 219: | ||
|attitude_adjustment | |attitude_adjustment | ||
|0.4-5 | |0.4-5 | ||
+ | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.58 | ||
+ | | | ||
+ | | | ||
+ | |white russian 0.11ipkg-13 0x467/00 | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.60 | ||
+ | |attitude_adjustment | ||
+ | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
|OK | |OK | ||
Zeile 189: | Zeile 263: | ||
| | | | ||
|OK | |OK | ||
+ | |---- | ||
+ | |192.168.1.90 | ||
+ | |white russian | ||
+ | |0.11ipkg-13 | ||
+ | |0x0467/42 | ||
+ | |nur UGW | ||
|---- | |---- | ||
|192.168.1.91 | |192.168.1.91 | ||
Zeile 194: | Zeile 274: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.100 | |192.168.1.100 | ||
Zeile 213: | Zeile 292: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.106 | |192.168.1.106 | ||
Zeile 226: | Zeile 304: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.120 | ||
+ | | | ||
+ | | | ||
| | | | ||
− | | | + | |nur UGW |
+ | |---- | ||
+ | |192.168.1.121 | ||
+ | |XM.v5.5 | ||
+ | |opennet0.6.sdk | ||
+ | |Atheros AR7240 (Python) NanoStation M5 | ||
+ | |Jan aktualisiert selbst | ||
+ | |Margaretenstrasse 40 , Jan C. | ||
|---- | |---- | ||
|192.168.1.122 | |192.168.1.122 | ||
Zeile 252: | Zeile 342: | ||
|Atheros AR7241 rev 1 Ubiquiti Bullet M | |Atheros AR7241 rev 1 Ubiquiti Bullet M | ||
|OK | |OK | ||
+ | |---- | ||
+ | |192.168.1.130 | ||
+ | |white russian | ||
+ | |0.11ipkg-13 | ||
+ | |0x467/00 | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.135 | ||
+ | |white russian | ||
+ | |0.11ipkg-13 | ||
+ | |bcm94710dev/asusX | ||
+ | |Emailadresse ungültig | ||
+ | |Dändorf/Fischland-Darss , Martin S. | ||
|---- | |---- | ||
|192.168.1.138 | |192.168.1.138 | ||
Zeile 263: | Zeile 366: | ||
|opennet0.6.sdk | |opennet0.6.sdk | ||
|Atheros AR7240 (Python) NanoStation Loco M5 | |Atheros AR7240 (Python) NanoStation Loco M5 | ||
− | | | + | |wohl von AirOS auf v0.5-1 aktualisiert - sollte laufen |
|Ziolkowskistr. 8b , Juliane M. | |Ziolkowskistr. 8b , Juliane M. | ||
|---- | |---- | ||
Zeile 288: | Zeile 391: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.151 | |192.168.1.151 | ||
− | | | + | |XM.v5.3.3 |
− | | | + | |opennet0.5.sdk |
− | |Atheros | + | |Atheros AR7240 (Python) NanoStation M5 |
− | + | |OK | |
− | | | + | |
|---- | |---- | ||
|192.168.1.154 | |192.168.1.154 | ||
Zeile 308: | Zeile 409: | ||
|0.5.0-308 | |0.5.0-308 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.158 | ||
+ | | | ||
+ | | | ||
+ | |white russian 0.11ipkg-13 0x0467/42 | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 326: | Zeile 433: | ||
|0.4-6 | |0.4-6 | ||
|Atheros AR7161 rev 2 MikroTik RouterBOARD 450G | |Atheros AR7161 rev 2 MikroTik RouterBOARD 450G | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.176 | |192.168.1.176 | ||
Zeile 333: | Zeile 439: | ||
| | | | ||
| | | | ||
− | | | + | |aktuell offline (Lars kümmert sich) |
− | |Satower Straße 55 , Verein | + | |Satower Straße 55, Verein |
|---- | |---- | ||
|192.168.1.178 | |192.168.1.178 | ||
Zeile 340: | Zeile 446: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | |Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | ||
− | | | + | |OK |
− | | | + | |---- |
+ | |192.168.1.180 | ||
+ | |attitude_adjustment | ||
+ | |0.4-5 | ||
+ | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
|---- | |---- | ||
|192.168.1.181 | |192.168.1.181 | ||
Zeile 359: | Zeile 470: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Bullet M | |Atheros AR7241 rev 1 Ubiquiti Bullet M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.195 | |192.168.1.195 | ||
Zeile 366: | Zeile 476: | ||
| | | | ||
| | | | ||
− | | | + | |ist kompetent genug |
|Brahestraße 36 , Christoph K. | |Brahestraße 36 , Christoph K. | ||
|---- | |---- | ||
Zeile 403: | Zeile 513: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.212 | |192.168.1.212 | ||
Zeile 410: | Zeile 519: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.215 | |192.168.1.215 | ||
Zeile 417: | Zeile 525: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.216 | |192.168.1.216 | ||
Zeile 424: | Zeile 531: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.220 | |192.168.1.220 | ||
Zeile 437: | Zeile 543: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |Philipp hat gefragt; aktuell im Urlaub, wird sich aber klären |
|Parkstraße xxx , Michael W. | |Parkstraße xxx , Michael W. | ||
|---- | |---- | ||
Zeile 450: | Zeile 556: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7240 rev 2 Ubiquiti Nanostation M | |Atheros AR7240 rev 2 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.226 | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.238 | ||
+ | | | ||
+ | | | ||
+ | |white russian 0.11ipkg-13 0x0467/42 | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 456: | Zeile 574: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | |Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.240 | |192.168.1.240 | ||
Zeile 463: | Zeile 580: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.244 | |192.168.1.244 | ||
Zeile 470: | Zeile 586: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.1.245 | |192.168.1.245 | ||
Zeile 477: | Zeile 592: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.247 | ||
| | | | ||
− | | | + | | |
+ | | | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.1.249 | ||
+ | |backfire | ||
+ | |0.4-1 | ||
+ | |Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | ||
+ | |OK | ||
|---- | |---- | ||
|192.168.1.250 | |192.168.1.250 | ||
Zeile 484: | Zeile 610: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.9 | |192.168.2.9 | ||
Zeile 491: | Zeile 616: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7240 rev 2 Ubiquiti Nanostation M | |Atheros AR7240 rev 2 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.2.13 | ||
+ | |attitude_adjustment | ||
+ | |0.4-5 | ||
+ | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 503: | Zeile 634: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | |Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.2.21 | ||
+ | |attitude_adjustment | ||
+ | |0.4-5 | ||
+ | |Atheros AR9344 rev 2 TP-LINK TL-WDR3600/4300/4310 | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 515: | Zeile 652: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.26 | |192.168.2.26 | ||
Zeile 528: | Zeile 664: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.29 | |192.168.2.29 | ||
Zeile 541: | Zeile 676: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.46 | |192.168.2.46 | ||
Zeile 590: | Zeile 724: | ||
|0.5.1-unstable-853 | |0.5.1-unstable-853 | ||
|Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | |Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.66 | |192.168.2.66 | ||
Zeile 597: | Zeile 730: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 TP-LINK TL-MR3420 | |Atheros AR7241 rev 1 TP-LINK TL-MR3420 | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.68 | |192.168.2.68 | ||
Zeile 610: | Zeile 742: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.70 | |192.168.2.70 | ||
Zeile 617: | Zeile 748: | ||
| | | | ||
| | | | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.77 | |192.168.2.77 | ||
Zeile 624: | Zeile 754: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.2.83 | ||
+ | | | ||
+ | | | ||
+ | | | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 636: | Zeile 772: | ||
|0.4-5 | |0.4-5 | ||
|Atheros AR7241 rev 1 Ubiquiti Nanostation M | |Atheros AR7241 rev 1 Ubiquiti Nanostation M | ||
− | | | + | |OK |
− | + | ||
|---- | |---- | ||
|192.168.2.88 | |192.168.2.88 | ||
Zeile 667: | Zeile 802: | ||
|0.5.0-694 | |0.5.0-694 | ||
|Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | |Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.2.97 | ||
+ | | | ||
+ | | | ||
+ | | | ||
|OK | |OK | ||
|---- | |---- | ||
Zeile 732: | Zeile 873: | ||
|barrier_breaker | |barrier_breaker | ||
|0.5.1-unstable-1036 | |0.5.1-unstable-1036 | ||
+ | |Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | ||
+ | |OK | ||
+ | |---- | ||
+ | |192.168.2.146 | ||
+ | |barrier_breaker | ||
+ | |0.5.2-unstable-1064 | ||
|Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | |Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | ||
|OK | |OK | ||
|---- | |---- | ||
|} | |} |
Aktuelle Version vom 3. Mai 2015, 23:41 Uhr
Diese Wiki-Seite beschreibt die CA-Zertifikatsaktualisierung, die auf allen APs Anfang 2015 erforderlich war. Diese Beschreibung hat lediglich historischen Wert. |
Nächsten Monat, konkret 12. April 2015, läuft das alte Zertifikat der Opennet CA aus. Daher muss innerhalb der nächsten Tage das alte CA Zerttifikat auf allen alten APs ersetzt werden durch ein neues.
Inhaltsverzeichnis |
[Bearbeiten] Fragen
Folgende Fragen stehen dazu im Raum:
- Bei welchen APs ist nur das alte Zertifikat installiert?
- Bei welchen Firmwareversionen wurden welche Zertifikate installiert?
- Sollen Zertifikate nur ausgetauscht werden oder gleich eine aktuelle Firmware installiert werden (abhängig von Harware)?
[Bearbeiten] Übersicht Firmwareversion - CA-Certs
Die folgende Tabelle listet auf, in welcher Firmwareversion welche CA Zertifikate enthalten sind.
Firmwareversion | enthaltene CA Zertifikate |
---|---|
0.5.0 | ca33,ca24,ca15 |
0.4.5 | ca15 |
0.3.10 | ca15 |
0.1 | ca15 |
Dabei ist zu beachten, dass die alten CA-Zertifikate bei einem Firmware-Upgrade erhalten bleiben. Das heißt, dass durchaus eine Firmware-Version 0.5.0 mit altem CA-Zertifikat ausgestattet sein kann, weil sie von einer Version v0.4.x aktualisiert wurde.
Legende:
Serial Number | Ablaufdatum | Abkürzung |
---|---|---|
d0:94:11:ca:45:ba:b5:f1 | Dec 21 23:59:59 2033 GMT | ca33 |
9e:76:cf:71:0f:71:fe:f1 | Mar 27 10:07:32 2024 GMT | ca24 |
0 (0x0) | Apr 12 15:27:40 2015 GMT | ca15 |
[Bearbeiten] Anleitung für die Aktualisierung
[Bearbeiten] openwrt-basierte Firmware
Das folgende Kommando ist für die verschiedenen Generationen (0.9ON5, 0.3-x, 0.4-x, 0.5-x) anwendbar:
wget -q -O - http://ca.on-i.de/tools/upgrade_ca_2005.sh | sh -s auto
Wirkungsweise:
- Wird eine alte CA (2005) entdeckt (wie erwartet), dann wird diese auf die Version von 2013 aktualisiert.
- Im Falle einer aktuellen CA wird dieser Fakt ausgegeben und das Skript beendet sich.
- Im Falle einer nicht erkannten CA meldete das Skript dies. Ersetze in diesem Fall "auto" durch "force", falls du die CA trotzdem austauschen möchtest.
[Bearbeiten] AirOS-basierte Firmware
ACHTUNG: dieser Ablauf ist kaum getestet!
Die folgenden Kommandos sollten die CA auf dem Gerät aktualisieren:
wget -q -O - http://ca.on-i.de/tools/upgrade_ca_2005.sh | sh -s auto cp /etc/openvpn/opennet_user/opennet-ca.crt /etc/persistent/opennet_user/ uci set openvpn.opennet_user.ca=/etc/persistent/opennet_user/opennet-ca.crt cfgmtd -p /etc -w
[Bearbeiten] Sonderfall: fehlende Internetverbindung
Falls auf dem AP aktuell keine Internetverbindung vorhanden ist, schlagen die oben beschriebenen Schritte fehl.
In diesem Fall muss zuvor folgendes ausgeführt werden:
echo "192.168.10.2 ca.on-i.de" >>/etc/hosts
Im Anschluss an die Aktualisierung sollte dieser Workaround unbedingt wieder beräumt werden, andernfalls wird es später zu verwirrenden Phänomenen kommen:
sed -i '/^192.168.10.2 ca.on-i.de$/d' /etc/hosts
[Bearbeiten] Zu aktualisierende APs
Auf der Firmware_Status Seite, werden alle APs mit ondataservice angezeigt. Dort kann die Firmwareversion entnommen werden.
Übersicht der APs mit Nutzer-VPN-Tunnel.
IP | OS Version | ONI Version | Gerät | CA-Status / Passwort-Zugänglichkeit | Standort / Eigentümer |
---|---|---|---|---|---|
192.168.1.3 | OK | ||||
192.168.1.6 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.7 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.8 | kein AP - ignorieren | ||||
192.168.1.13 | barrier_breaker | 0.4-6 | OK | ||
192.168.1.14 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.17 | OK | ||||
192.168.1.19 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.21 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.22 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.25 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.27 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Bullet M | OK | |
192.168.1.35 | white russian | 0.11ipkg-13 | 0x0708/42 | nur UGW | |
192.168.1.36 | white russian | 0.11ipkg-14pre2 | Linksys WRT54GL | OK | |
192.168.1.39 | OK | ||||
192.168.1.40 | OK | ||||
192.168.1.41 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.42 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.43 | attitude_adjustment | 0.4-5 | OK | ||
192.168.1.44 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.45 | OK | ||||
192.168.1.48 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 1 | OK | |
192.168.1.54 | barrier_breaker | 0.5.1 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.56 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.58 | white russian 0.11ipkg-13 0x467/00 | OK | |||
192.168.1.60 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.61 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.65 | AirOS | OK | |||
192.168.1.74 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.75 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 2 | OK | |
192.168.1.87 | OK | ||||
192.168.1.90 | white russian | 0.11ipkg-13 | 0x0467/42 | nur UGW | |
192.168.1.91 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.100 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.103 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.105 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.106 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.109 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.120 | nur UGW | ||||
192.168.1.121 | XM.v5.5 | opennet0.6.sdk | Atheros AR7240 (Python) NanoStation M5 | Jan aktualisiert selbst | Margaretenstrasse 40 , Jan C. |
192.168.1.122 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 2 | OK | |
192.168.1.124 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.128 | backfire | 0.4-1 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.129 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Bullet M | OK | |
192.168.1.130 | white russian | 0.11ipkg-13 | 0x467/00 | OK | |
192.168.1.135 | white russian | 0.11ipkg-13 | bcm94710dev/asusX | Emailadresse ungültig | Dändorf/Fischland-Darss , Martin S. |
192.168.1.138 | chaos_calmer | 0.5.0-694 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.140 | XM.v5.5 | opennet0.6.sdk | Atheros AR7240 (Python) NanoStation Loco M5 | wohl von AirOS auf v0.5-1 aktualisiert - sollte laufen | Ziolkowskistr. 8b , Juliane M. |
192.168.1.142 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.143 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.1.148 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.149 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.151 | XM.v5.3.3 | opennet0.5.sdk | Atheros AR7240 (Python) NanoStation M5 | OK | |
192.168.1.154 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.156 | chaos_calmer | 0.5.0-308 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.158 | white russian 0.11ipkg-13 0x0467/42 | OK | |||
192.168.1.163 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.167 | backfire | 0.3-10 | Broadcom BCM4712 chip rev 1 | OK | |
192.168.1.175 | attitude_adjustment | 0.4-6 | Atheros AR7161 rev 2 MikroTik RouterBOARD 450G | OK | |
192.168.1.176 | aktuell offline (Lars kümmert sich) | Satower Straße 55, Verein | |||
192.168.1.178 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.180 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.181 | barrier_breaker | 0.5.1-alpha-755 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.184 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.190 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Bullet M | OK | |
192.168.1.195 | ist kompetent genug | Brahestraße 36 , Christoph K. | |||
192.168.1.198 | white russian | 0.11ipkg-13 | 0x0467/42 | OK | |
192.168.1.199 | OK | ||||
192.168.1.203 | barrier_breaker | 0.5.2-unstable-1045 | Atheros AR9344 rev 2 TP-LINK TL-WDR3600/4300/4310 | OK | |
192.168.1.204 | OK | ||||
192.168.1.207 | OK | ||||
192.168.1.210 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.212 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.215 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.216 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.220 | OK | ||||
192.168.1.223 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | Philipp hat gefragt; aktuell im Urlaub, wird sich aber klären | Parkstraße xxx , Michael W. |
192.168.1.224 | chaos_calmer | 0.5.0-694 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.225 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.1.226 | OK | ||||
192.168.1.238 | white russian 0.11ipkg-13 0x0467/42 | OK | |||
192.168.1.239 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.240 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.244 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.245 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.1.247 | OK | ||||
192.168.1.249 | backfire | 0.4-1 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.1.250 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.9 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Nanostation M | OK | |
192.168.2.13 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.14 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.19 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.2.21 | attitude_adjustment | 0.4-5 | Atheros AR9344 rev 2 TP-LINK TL-WDR3600/4300/4310 | OK | |
192.168.2.22 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.23 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.26 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.27 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.29 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.34 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.46 | attitude_adjustment | 0.4-5 | Atheros AR7240 rev 2 Ubiquiti Bullet M | OK | |
192.168.2.50 | barrier_breaker | 0.5.1-unstable-1036 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.51 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.53 | kein AP - ignorieren | ||||
192.168.2.55 | backfire | 0.4-1 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.57 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.62 | XM.v5.3.3 | opennet0.6.sdk | Atheros AR7240 (Python) NanoStation M5 | OK | |
192.168.2.64 | barrier_breaker | 0.5.1-unstable-853 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.2.66 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 TP-LINK TL-MR3420 | OK | |
192.168.2.68 | attitude_adjustment | 0.4-5 | Atheros AR9132 rev 2 TP-LINK TL-WR1043ND | OK | |
192.168.2.69 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.70 | OK | ||||
192.168.2.77 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.83 | OK | ||||
192.168.2.84 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.86 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.88 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.92 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.93 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.94 | attitude_adjustment | 0.4-5 | Atheros AR7241 rev 1 Ubiquiti Nanostation M | OK | |
192.168.2.96 | chaos_calmer | 0.5.0-694 | Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | OK | |
192.168.2.97 | OK | ||||
192.168.2.106 | barrier_breaker | 0.5.1-unstable-845 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.109 | barrier_breaker | 0.5.1-alpha-755 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.115 | chaos_calmer | 0.5.0-694 | Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | OK | |
192.168.2.121 | barrier_breaker | 0.5.1-unstable-845 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.122 | barrier_breaker | 0.5.1-unstable-845 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.125 | chaos_calmer | 0.5.0-694 | Qualcomm Atheros QCA9558 rev 0 TP-LINK TL-WR1043ND v2 | OK | |
192.168.2.127 | barrier_breaker | 0.5.1-1040 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.2.128 | barrier_breaker | 0.5.1-1040 | Atheros AR9342 rev 2 Ubiquiti Loco M XW | OK | |
192.168.2.129 | barrier_breaker | 0.5.1-1040 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.134 | chaos_calmer | 0.5.0-694 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.144 | barrier_breaker | 0.5.1-unstable-1036 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK | |
192.168.2.146 | barrier_breaker | 0.5.2-unstable-1064 | Atheros AR9342 rev 2 Ubiquiti Nanostation M XW | OK |