about "Open System" and "Shared System" Authentication Type?
Queenie de Melo
Tue Nov 25 20:18:38 PST 2008
Are both the VAPs (ath0 and ath1) having different ssid or using the same
Also check the mac address created for VAP's Is it the same?
On Wed, Nov 26, 2008 at 6:58 AM, c4linux c4linux <c4linux at gmail.com> wrote:
> Hi,thank you! I'll check my AP's configuration.
> But there is another question about AR2413 and madwifi driver.
> madwifi can support VAP, so I setup 2 VAPs, one is ath0, another is
> ath1.both of them are set SharedKey authentication and use WEP encrypthion.
> I type the command below to set each of them a password:
> iwconfig ath0 key  s:1111111111111
> iwconfig ath1 key  s:2222222222222
> the strange thing happens, It seems that ath1's password overwrite the
> ath0's, so if I set my sta the ath1's password and select ath0 to connect, I
> connect the ath0 successfully. Why? are the 4 slots for WEP Key is shared by
> all VAPs? or VAP is not stable?
> Thank you!
> 2008/11/25 Dan Williams <dcbw at redhat.com>
> On Tue, 2008-11-25 at 17:21 +0800, c4linux c4linux wrote:
>> > Thanks for your help
>> > But i found that if I set AP with a password in an OpenSystem
>> > Authentication, STA can always connect the AP and access its
>> > resource , Why? OpenSystem Authentication need no password?
>> You have to separate encryption (WEP/WPA/etc) from authentication
>> (Shared Key/Open System). For example, WPA uses Open System
>> exclusively, but it's more secure because it protects the communication
>> with a strong encryption algorithm.
>> Open System is used even in unencrypted mode (ie, no WEP or WPA
>> enabled). But it can also be used with encryption enabled.
>> It's the _encryption_, not the Open System/Shared Key authentication,
>> that makes your access point secure more secure with WEP. It sounds
>> like you've turned off encryption completely.
>> > 2008/10/16 Dan Williams <dcbw at redhat.com>
>> > On Thu, 2008-10-16 at 10:20 +0800, c4linux c4linux wrote:
>> > > >>Open System actually doesn't do authentication.
>> > >
>> > >
>> > > authentication = encryption?
>> > No, they are different. But Shared Key authentication _uses_
>> > the WEP
>> > encryption algorithm as access control.
>> > > So Why I can do WEP encryption in an Open System
>> > authentication? I'm
>> > > confused between authentication and encryption :(
>> > They are two different things. Authentication determines
>> > whether or not
>> > a user is allowed to access the system in the first place,
>> > while
>> > encryption protects the content of their messages _after_ they
>> > have been
>> > granted access to the system. But to preserve security and
>> > prevent
>> > spoofed authentications, some authentication methods also
>> > employ
>> > encryption as part of the process, but it's a separate step
>> > from the
>> > encryption that happens after the user has gained access to
>> > the system.
>> > Dan
> HostAP mailing list
> HostAP at lists.shmoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Hostap