Hostapd and wpa_supplicant configuration
Jouni Malinen
j
Sat Aug 16 05:22:43 PDT 2008
On Thu, Aug 14, 2008 at 11:22:00AM +0200, mohamed.chaari at orange-ftgroup.com wrote:
> I want to use hostapd and wpa_supplicant to sercure the access to a
> Network. I want to use WPA-EAP with EAP-PSK. I have installed hostapd in
> the Access Point and wa_supplicant in te client laptop. I used these
> configurations :
> * The file hostapd.conf :
> eap_server=1
> auth_server_addr=127.0.0.1
> auth_server_port=1812
> auth_server_shared_secret=secret
The configuration for an external RADIUS server is not actually needed
(or used) if the internal authentication server (eap_server=1) is used.
The internal server skips RADIUS processing completely.
However, you do need to configure the user accounts and password for the
internal server in order for the authentication to work. eap_user_file
option is used in hostapd.conf to point to the user data and the user
file defines valid user names and passwords. See the included
hostapd.eap_user for an example how to configure a user for EAP-PSK.
> * The file wpa_supplicant.conf of the :
> eap=psk
That needs to be in upper case (eap=PSK).
> identity="eap_psk_user"
> eap_psk=06b4be19da289f475aa46a33cb793029
> nai="eap_psk_user at example.com"
The current development branch (0.6.x) has cleaned up EAP-PSK
configuration to use same mechanism as other username/password(or PSK)
methods. In that version, the configuration would be as follows:
anonymous_identity="psk user"
identity="psk.user at example.com"
password=0123456789abcdef0123456789abcdef
If you are using 0.5.x, the configuration you showed above is otherwise
correct, but 'eap_psk' should be spelled 'eappsk' here.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list