Hostapd and wpa_supplicant configuration

Jouni Malinen j
Sat Aug 16 05:22:43 PDT 2008

On Thu, Aug 14, 2008 at 11:22:00AM +0200, mohamed.chaari at wrote:

> I want to use hostapd and wpa_supplicant to sercure the access to a
> Network. I want to use WPA-EAP with EAP-PSK. I have installed hostapd in
> the Access Point and wa_supplicant in te client laptop. I used these
> configurations :

> * The file hostapd.conf :

> eap_server=1

> auth_server_addr=
> auth_server_port=1812
> auth_server_shared_secret=secret

The configuration for an external RADIUS server is not actually needed
(or used) if the internal authentication server (eap_server=1) is used.
The internal server skips RADIUS processing completely.

However, you do need to configure the user accounts and password for the
internal server in order for the authentication to work. eap_user_file
option is used in hostapd.conf to point to the user data and the user
file defines valid user names and passwords. See the included
hostapd.eap_user for an example how to configure a user for EAP-PSK.

> * The file wpa_supplicant.conf of the :

> 	eap=psk

That needs to be in upper case (eap=PSK).

> 	identity="eap_psk_user"
> 	eap_psk=06b4be19da289f475aa46a33cb793029
> 	nai="eap_psk_user at"

The current development branch (0.6.x) has cleaned up EAP-PSK
configuration to use same mechanism as other username/password(or PSK)
methods. In that version, the configuration would be as follows:

    anonymous_identity="psk user"
    identity="psk.user at"

If you are using 0.5.x, the configuration you showed above is otherwise
correct, but 'eap_psk' should be spelled 'eappsk' here.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list