Re: Reg H2E without password identifier

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Mar 10, 2021 at 11:34:19PM +0000, RAGHAVENDRA SADARAMACHANDRA (rsadaram) wrote:
>    I am running latest hostapd in H2E only mode using following hostapd.conf.
>   ….
>   sae_pwe=1
>   sae_groups=19
>   sae_password=example secret
>   
>    Latest Wpa_supplicant is not connecting to H2E only mode AP, if I use wpa_supplicant.conf with only “sae_password=example secret”

Are you leaving the sae_pwe to its default value, i.e., H2E disabled, in
wpa_supplicant configutation?

>   Wpa_supplicant throws:
>   1615416250.587683: wlp5s0: Selecting BSS from priority group 0
>   1615416250.587690: wlp5s0: 0: f8:a2:d6:bc:d0:51 ssid='raghu-test-h2e' wpa_ie_len=0 rsn_ie_len=20 caps=0x411 level=-39 freq=2437
>   1615416250.587700: wlp5s0:    selected based on RSN IE
>   1615416250.587704: wlp5s0:    SAE H2E disabled
> 1615416250.587708: wlp5s0:    skip - rate sets do not match 

This indicates that wpa_supplicant has SAE H2E disabled and cannot join
the network that mandates use of H2E.

>  If I use password identifier then it works. Following config works.
> Hostapd.conf:
> sae_password=example secret|id=pw identifier
>  
> wpa_supplicant.conf:
> sae_password="example secret"
> sae_password_id="pw identifier"

Specifying SAE Password Identifier will automatically enable H2E since
the standard allows password identifier to be used only with H2E.

> Is there a way to test wpa_supplicant and hostapd without using pwd identifier?

Yes, you'll just need to enable SAE H2E in wpa_supplicant configuration
(sae_pwe=1 or sae_pwe=2).

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap




[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux