about "Open System" and "Shared System" Authentication Type?
c4linux at gmail.com
Tue Nov 25 20:28:28 EST 2008
Hi,thank you! I'll check my AP's configuration.
But there is another question about AR2413 and madwifi driver.
madwifi can support VAP, so I setup 2 VAPs, one is ath0, another is
ath1.both of them are set SharedKey authentication and use WEP encrypthion.
I type the command below to set each of them a password:
iwconfig ath0 key  s:1111111111111
iwconfig ath1 key  s:2222222222222
the strange thing happens, It seems that ath1's password overwrite the
ath0's, so if I set my sta the ath1's password and select ath0 to connect, I
connect the ath0 successfully. Why? are the 4 slots for WEP Key is shared by
all VAPs? or VAP is not stable?
2008/11/25 Dan Williams <dcbw at redhat.com>
> On Tue, 2008-11-25 at 17:21 +0800, c4linux c4linux wrote:
> > Thanks for your help
> > But i found that if I set AP with a password in an OpenSystem
> > Authentication, STA can always connect the AP and access its
> > resource , Why? OpenSystem Authentication need no password?
> You have to separate encryption (WEP/WPA/etc) from authentication
> (Shared Key/Open System). For example, WPA uses Open System
> exclusively, but it's more secure because it protects the communication
> with a strong encryption algorithm.
> Open System is used even in unencrypted mode (ie, no WEP or WPA
> enabled). But it can also be used with encryption enabled.
> It's the _encryption_, not the Open System/Shared Key authentication,
> that makes your access point secure more secure with WEP. It sounds
> like you've turned off encryption completely.
> > 2008/10/16 Dan Williams <dcbw at redhat.com>
> > On Thu, 2008-10-16 at 10:20 +0800, c4linux c4linux wrote:
> > > >>Open System actually doesn't do authentication.
> > >
> > >
> > > authentication = encryption?
> > No, they are different. But Shared Key authentication _uses_
> > the WEP
> > encryption algorithm as access control.
> > > So Why I can do WEP encryption in an Open System
> > authentication? I'm
> > > confused between authentication and encryption :(
> > They are two different things. Authentication determines
> > whether or not
> > a user is allowed to access the system in the first place,
> > while
> > encryption protects the content of their messages _after_ they
> > have been
> > granted access to the system. But to preserve security and
> > prevent
> > spoofed authentications, some authentication methods also
> > employ
> > encryption as part of the process, but it's a separate step
> > from the
> > encryption that happens after the user has gained access to
> > the system.
> > Dan
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the HostAP