802.1X Unicast Keys?
Raghu
raghu at sraamerica.com
Fri Jan 3 12:26:57 EST 2003
Hi
Happy New Year to everyone.
A quick update, I have limited success with unicast keys,
and need your help to make it to work.
Once again my setup is XSupplicant, HostAP(client),
HostAP(AP), Hostapd (Authenticator), FreeRADIUS.
STA configuration,
iwpriv wlan0 host_encrypt 1
iwpriv wlan0 host_decrypt 1
iwpriv wlan0 ieee_802_1x 1
iwpriv wlan0 host_roaming 1
I am not sure if I can use, iwpriv wlan0 bcrx_sta_key 1 ?
AP command,
$ ./hostapd -x -b13 -i13 -o192.168.1.1 -a192.168.1.1
-stest -SSSID wlan0
Though I am using the same hostap cvs snapshot for both
STA and AP, Wireless extensions version differs at
AP(v12) and STA(v15).
After hostapd generates both broadcast and unicast keys,
iwconfig and iwlist shows only the broadcast key.
# iwlist wlan0 key
wlan0 2 key sizes : 40, 104bits
4 keys available :
[1]: off
[2]: 64A7-4D5C-D6C6-3653-505E-FB52-85 (104
bits)
[3]: off
[4]: off
Current Transmit Key: [2]
Encryption mode:open
How can I see the unicast key for each STA at AP ?
Xsupplicant receives the unicast key, occasionally,
I am not sure when it receives the unicast key
and when it doesnot. I was under the impression that
whenever Xsupplicant sends EAPOL start, a new
authentication takes place and AP should generate a
new unicast key and STA should always receive it,
but this doesnot seem to be happening.
After Xsupplicant receives both the broadcast key
and unicast key, iwconfig lists the broadcast key
and iwlist shows both the keys,
ie
# iwlist wlan0 key
wlan0 2 key sizes : 40, 104bits
4 keys available :
[1]: 056D-031D-E10E-5780-4E2A-07A2-3F (104
bits)
[2]: 64A7-4D5C-D6C6-3653-505E-FB52-85 (104
bits)
[3]: off
[4]: off
Current Transmit Key: [2]
Encryption mode:open
Because of this Incompatibility STA is still not able
to ping the AP.
Can you please let me know what are the other
configurations/commands that I need to set at STA/AP
to make unicast keys working ?
-Raghu
More information about the HostAP
mailing list