Changing keymanagement without disconnect
Jouni Malinen
j
Thu Dec 18 10:24:05 PST 2008
On Thu, Dec 18, 2008 at 10:55:21AM +0100, Arne Keller wrote:
> is it possible to change the keymanagement without a disconnect?
> I think of something like connecting with EAP-MD5 and then doing a
> rekeying with lets say EAP-TLS.
What exactly do you mean with "keymanagement". The example here is about
a change in the used EAP method, not key management mechanism (e.g., PSK
vs. EAP). Furthermore, use of EAP-MD5 as an example with rekeying is
confusing since EAP-MD5 does not derive any keying material.
> I've tried this with "wpa_cli select_network" by changing two different
> configurations for one AP but this causes a interrupt of the connection.
> Maybe there is a way to change the code that this can be done without
> deleting the old key that the connection remains up until the new key is
> derived.
If you are trying to change EAP method from one to another, you could
probably change the current configuration block, logoff, logon (see
wpa_cli commands set_network, logoff, logon). This could be done within
the same association (if that is what you consider a "connection").
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list