wpa_cli - how to set net_nwtwork pairwiseTKIP CCMP

Manuel Sahm Manuel.Sahm at feig.de
Thu Aug 28 08:35:17 EDT 2008


Thank you very much,
 
I want to be able to connect to WPA/WPA2 (both only "Personal").
 
So am I right that this are the ONLY configurations which can appear
(please see below) ?
(ssid and psk functions are known and OK)
 
 
MODE                            wpa_cli parameter
---------------------------------------------------------------------------------------------
WPA-PSK-TKIP:            key_mgmt=WPA-PSK
                                   proto=WPA
                                   pairwise=TKIP
                                   group=TKIP        
 
WPA-PSK-AES:             key_mgmt=WPA-PSK
                                   proto=WPA
                                   pairwise=CCMP
                                   group=CCMP  
 
--------------------------------------------------------------------------------------------
WPA2-PSK-TKIP:           key_mgmt=WPA2-PSK
                                   proto=WPA2
                                   pairwise=TKIP
                                   group=TKIP  
 
WPA2-PSK-TKIP-AES:    key_mgmt=WPA2-PSK
                                   proto=WPA
                                   pairwise=CCMP TKIP
                                   group=TKIP  
 
---------------------------------------------------------------------------------------------
 
Do I have forgotten any possible Mode ?
 
Thank you very very much
 
Manuel Sahm
             

>>> Jouni Malinen <j at w1.fi> 28.08.2008 14:18 >>>
On Thu, Aug 28, 2008 at 01:53:05PM +0200, Manuel Sahm wrote:

> I have set WPA2 encryption in my router (TKIP + AES).
>  
> If I type iwlist scan, linux shows me the 
> group cipher : TKIP 
> pairwise ciphers (2) : CCMP TKIP
>  
> 1.) Why is group cipher only TKIP and not TKIP CCMP ?

Group cipher is used for broadcast/multicast frames and as such, it
must
be shared with all clients and as such, there can only be one group
cipher and it has to be the least secure (well, the most likely to be
implemented) cipher from the ones enabled as pairwise ciphers.

> 2.) how could I set via wpa_cli the pairwise varaible to TKIP CCMP ?
> If I type wpa_cli -iwlan0 set_network TKIP CCMP ist doesn´t work,
the
> function only allows 3 paramters ???

TKIP CCMP must be in a single command line argument, i.e., use
set_network "TKIP CCMP" on the command line.

-- 
Jouni Malinen                                            PGP id
EFC895FA
_______________________________________________
HostAP mailing list
HostAP at lists.shmoo.com 
http://lists.shmoo.com/mailman/listinfo/hostap
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20080828/6a8c4ca9/attachment-0001.htm 


More information about the HostAP mailing list