802.1X Unicast Keys?

Raghu raghu at sraamerica.com
Thu Jan 9 15:26:07 EST 2003


Hi, 
 
  Since my last few mails did not get any response and 
I am still struggling to figure out a way to make the 
unicast keys working, I thought to try again and request 
you all for any kind of help/feedback in this regard. 
 
 
Jouni, 
  Since you made the unicast keys working, can I request 
you to provide your setup so that I can replicate your 
setup and make it work. 
  If possible, can you please provide a brief description 
of how unicast keys work in hostAP?  
Any hooks(in the code)/hints/tips are also greatly 
appreciated. 
 
 
-Raghu 
 
>  
> From: Raghu <raghu at sraamerica.com> 
> Date: 2003/01/03 Fri PM 12:26:57 EST 
> To: hostap at shmoo.com 
> CC: raghu at sraamerica.com 
> Subject: Re: 802.1X Unicast Keys? 
>  
> Hi  
>   
> Happy New Year to everyone.  
>   
> A quick update, I have limited success with unicast 
keys,  
> and need your help to make it to work.  
> Once again my setup is XSupplicant, HostAP(client),  
> HostAP(AP), Hostapd (Authenticator), FreeRADIUS.  
>   
> STA configuration,  
> iwpriv wlan0 host_encrypt 1  
> iwpriv wlan0 host_decrypt 1  
> iwpriv wlan0 ieee_802_1x 1  
> iwpriv wlan0 host_roaming 1  
>   
> I am not sure if I can use, iwpriv wlan0 bcrx_sta_key 1 
?  
>   
> AP command,  
> $ ./hostapd -x -b13 -i13 -o192.168.1.1 -a192.168.1.1  
> -stest -SSSID wlan0  
>   
> Though I am using the same hostap cvs snapshot for both  
> STA and AP, Wireless extensions version differs at   
> AP(v12) and STA(v15).  
>   
>   
> After hostapd generates both broadcast and unicast keys,  
> iwconfig and iwlist shows only the broadcast key.  
>   
> # iwlist wlan0 key  
> wlan0     2 key sizes : 40, 104bits  
>           4 keys available :  
>                 [1]: off  
>                 [2]: 64A7-4D5C-D6C6-3653-505E-FB52-85 
(104  
> bits)  
>                 [3]: off  
>                 [4]: off  
>           Current Transmit Key: [2]  
>           Encryption mode:open  
>   
> How can I see the unicast key for each STA at AP ?  
>   
> Xsupplicant receives the unicast key, occasionally,  
> I am not sure when it receives the unicast key  
> and when it doesnot. I was under the impression that  
> whenever Xsupplicant sends EAPOL start, a new  
> authentication takes place and AP should generate a  
> new unicast key and STA should always receive it,  
> but this doesnot seem to be happening.  
>   
> After Xsupplicant receives both the broadcast key  
> and unicast key, iwconfig lists the broadcast key  
> and iwlist shows both the keys,  
> ie  
> # iwlist wlan0 key  
> wlan0     2 key sizes : 40, 104bits  
>           4 keys available :  
>                 [1]: 056D-031D-E10E-5780-4E2A-07A2-3F 
(104  
> bits)  
>                 [2]: 64A7-4D5C-D6C6-3653-505E-FB52-85 
(104  
> bits)  
>                 [3]: off  
>                 [4]: off  
>           Current Transmit Key: [2]  
>           Encryption mode:open  
>   
>   
> Because of this Incompatibility STA is still not able  
> to ping the AP.  
>   
> Can you please let me know what are the other  
> configurations/commands that I need to set at STA/AP  
> to make unicast keys working ?  
>   
>   
> -Raghu  
>  
>  




More information about the HostAP mailing list