Confuguring wpa_supplicant with a SIM card reader to do EAP_SIM authentication

chris at chris at
Mon Aug 8 01:18:20 PDT 2016

I am trying to use a SIM card reader and opensc with wpa_supplicant to
authenticate a WiFi connection using EAP-SIM.

I was originally following the instructions at this site:-

However this uses the deprecated openct libraries so, on advice from
the opensc mailing list, I've got a card reader that works directly
with opensc.

I have got the SIM card reader working with opensc and pcsc_scan shows
the following:-

chris$ pcsc_scan
PC/SC device scanner
V 1.4.25 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau at>
Compiled with PC/SC lite version: 1.8.14
Using reader plug'n play mechanism
Scanning present readers...
0: Gemalto USB Shell Token V2 (5689ABD5) 00 00

Wed Aug  3 15:37:30 2016
Reader 0: Gemalto USB Shell Token V2 (5689ABD5) 00 00
Card state: Card inserted,
ATR: 3B 16 95 D0 01 6C FD 0D 00

ATR: 3B 16 95 D0 01 6C FD 0D 00
+ TS = 3B --> Direct Convention
+ T0 = 16, Y(1): 0001, K: 6 (historical bytes)
TA(1) = 95 --> Fi=512, Di=16, 32 cycles/ETU
125000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 156250 bits/s
+ Historical bytes: D0 01 6C FD 0D 00
Category indicator byte: D0 (proprietary format)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):

Updating /home/chris/.cache/smartcard_list.txt using
--2016-08-03 15:37:31--
Resolving (
Connecting to
(||:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 252874 (247K) [text/plain]
Saving to: ‘/home/chris/.cache/smartcard_list.txt’
100%[=================================================>] 246.95K
526KB/s    in 0.5s

2016-08-03 15:37:31 (526 KB/s) -
‘/home/chris/.cache/smartcard_list.txt’ saved [252874/252874]

Possibly identified card (using /home/chris/.cache/smartcard_list.txt):

Now I'm a bit stuck!  How do I configure wpa_supplicant to get the
information it needs from the card?  Do I just need to run pcscd and
add the following to the wpa_supplicant configuration:-

key_mgmt=WPA-EAP IEEE8021X

... or is there more to it?

More information about the Hostap mailing list