RESEND: issue with EAP-MD5

Arend Van Spriel arend.vanspriel at broadcom.com
Mon Apr 10 01:45:10 PDT 2017 

On 10-4-2017 10:27, Arend Van Spriel wrote:
> Exceeded the message size limit so put log file somewhere public.
> 
> Regards,
> Arend
> 
> -------- Forwarded Message --------
> Subject: issue with EAP-MD5
> Date: Sun, 9 Apr 2017 20:47:30 +0200
> From: Arend Van Spriel <arend.vanspriel at broadcom.com>
> To: hostap at lists.infradead.org <hostap at lists.infradead.org>
> 
> Hi,
> 
> It has been a long time ago since I tried our driver with something else
> than WPA-PSK. Feeling lucky I installed freeradius and to keep it simple
> wanted to give EAP-MD5 a try. It appears to work fine, but after a while
> it disconnects. This sequence keeps occurring (see syslog [1]).
> Below the configuration of wpa_supplicant and the radius server. Anyone
> who can tell me what is missing here.

Never mind. Going through wpa_supplicant.conf file I found this:

# Following fields are only used with internal EAP implementation.
# eap: space-separated list of accepted EAP methods
#       MD5 = EAP-MD5 (insecure and does not generate keying material ->
#                       cannot be used with WPA; to be used as a Phase 2
method
#                       with EAP-PEAP or EAP-TTLS)

Regards,
Arend

> Regards,
> Arend
> 
> [1] https://drive.google.com/open?id=0B7kWvMc3fNTBNXM3TlljRS14Y2M
> 
> =======================================================================
> wpa_supplicant config
> -----------------------------------------------------------------------
> ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
> network={
>     ssid="NSN5"
>     scan_ssid=1
>     key_mgmt=WPA-EAP
>     eap=MD5
>     identity="bondjamesbond"
>     password="m007q"
> }
> =======================================================================
> freeradius config
> -----------------------------------------------------------------------
> diff --git a/clients.conf b/clients.conf
> index 729c15d..d430ed3 100644
> --- a/clients.conf
> +++ b/clients.conf
> @@ -18,6 +18,11 @@
>  #
>  #
> 
> +client e3000 {
> +       ipaddr = 192.168.3.1
> +       secret = c443160f-56de-41c2-ad3d-ff8e6a3
> +}
> +
>  #
>  #  Each client has a "short name" that is used to distinguish it from
>  #  other clients.
> diff --git a/users b/users
> index 1c17b50..1b110a0 100644
> --- a/users
> +++ b/users
> @@ -68,6 +68,8 @@
>  #              Reply-Message = "Your account has been disabled."
>  #
> 
> +bondjamesbond  Cleartext-Password := "m007q"
> +
>  #
>  # This is a complete entry for "steve". Note that there is no Fall-Through
>  # entry so that no DEFAULT entry will be used, and the user will NOT
>

More information about the Hostap mailing list