This is my last question I want to ask. I finally got time to learn how WPA2 encryption works. so there is per station key (temporal key), and one multicast key (group key). TK is derived from PSK by throwing together macs or both ends, two random numbers, and PMK (whick in case of wpa personal == PSK This means kernel can't automatically decrypt other stations traffic. But I could arrange small program that listens to device in monitor or maybe even just promisc mode, and records WPA handshakes. For every handshake it could install the key in kernel driver, so it would use it for decryption, and show the traffic on device in promisc mode. Is it possible to do today? I guess not. All this program has to know is the PSK. (I could even arrange WPA supplicant to do this job - it knows all keys already) Best regards, Maxim Levitsky -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html