EAP-TLS + PSK : Unsupported EAP type 'PSK'
Jouni Malinen
j
Sat Jul 19 23:38:07 PDT 2014
On Wed, Jul 16, 2014 at 11:16:17AM +0200, L?o Peltier wrote:
> I'm currently setting up access points that need both EAP-TLS
> authentication and a PSK when an user need to access the device
> directly. This works using 'hostapd v0.7.3' on Ubuntu 12.04 (i386) using the
> following config:
>
> hostapd.conf (shortened):
> > wpa_key_mgmt=WPA-EAP WPA-PSK
> > wpa_psk=deadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33f
> > eap_user_file=/path/to/users
>
> users:
> > "some-prefix-"* TLS
> > * PSK deadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33f
That EAP users PSK entry is for EAP-PSK, not for WPA-Passphrase/PSK.
Since you mention EAP-TLS and PSK, I'd assume you only need the TLS
entry in the EAP users file and the WPA PSK is configured with wpa_psk.
> > Unsupported EAP type 'PSK' on line 2 in '/var/run/hostapd-eap'
While that can be resolved by adding support for EAP-PSK into hostapd
build, it does not sound like you would actually be using EAP-PSK and
the more appropriate way of fixing this is removing that unused "* PSK
..." line from the eap_user_file.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list