wpa_psk_radius info...
Jouni Malinen
j at w1.fi
Fri Oct 15 13:51:30 PDT 2021
On Tue, Oct 12, 2021 at 05:34:45PM +0200, Marco Gaiarin wrote:
> For my home i need to setup two AP, using LEDE/OpenWRT, but i want to use
> different WPA_PSK for different MAC address, but possibly using one central
> configuration repository.
> Clearly, i can 'rsync' the 'wpa_psk' file between the AP, but it is really
> and hack.
>
> I've read of 'wpa_psk_radius', that seems the thing i need, but i'm not able
> to find and example on how configure RADIUS server.
That depends on which RADIUS server you are thinking of using here. The
passphrase is provided in a Tunnel-Password attribute (as defined in RFC
2868). The only example within hostap.git is in an automated test case
for this functionality where a python script using pyrad implements a
minimal RADIUS authentication server for this: build_tunnel_password()
function at
https://w1.fi/cgit/hostap/tree/tests/hwsim/test_radius.py#n1151
but that is unlikely to be of much help or a more likely deployment
options with a complete RADIUS server implementation. I'd recommend
searching for Tunnel-Password in the documentation of whichever RADIUS
server you are using.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list