wpa supplicant EAP-SIM configuration
Jouni Malinen
jkmaline
Fri Sep 15 08:44:48 PDT 2006
On Fri, Sep 15, 2006 at 03:05:15PM +0200, Vincent Maurin wrote:
> I want to connect to an access point with EAP-SIM authentication. In the
> default wpa_supplicant.conf, there is an example :
>
> # EAP-SIM with a GSM SIM or USIM
> network={
> ssid="eap-sim-test"
> key_mgmt=WPA-EAP
> eap=SIM
> pin="1234"
> pcsc=""
> }
>
> EAP usually requires an identity, but there is no "identity" field. Have
> I to set the identity ? Which value (sim card number) ?
EAP-SIM is most commonly used with automatically generated identity from
the IMSI ('1' | IMSI). This will be used if identity is not set in the
configuration file.
> Why does wpa supplicant need the pin code ? Does he get some information
> in the card ?
Yes, it reads the IMSI (which may or may not require PIN) and uses SIM
to generate response to the GSM authentication (which will likely
require PIN).
> I configure also the AP side, with hostap and freeradius, so I can
> change some settings (but server configuration is hard to understand to).
To use EAP-SIM properly, you would need to have GSM authentication
network in place (i.e., an HLR for generating authentication triplets)..
Use of local list of pre-generated triplets with hostapd or FreeRADIUS
as the authentication server could be used in tests, but that is not
really a good option for more than test use.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list