On Tue, 2009-04-07 at 07:59 +0300, Kalle Valo wrote: > Maxim Levitsky <maximlevitsky@xxxxxxxxx> writes: > > > This means kernel can't automatically decrypt other stations traffic. > > But I could arrange small program that listens to device in monitor or > > maybe even just promisc mode, and records WPA handshakes. For every > > handshake it could install the key in kernel driver, so it would use > > it for decryption, and show the traffic on device in promisc mode. Is > > it possible to do today? I guess not. All this program has to know is > > the PSK. (I could even arrange WPA supplicant to do this job - it > > knows all keys already) > > I think wireshark does something like this. You can enter the PSK in the > settings and it will decrypt the traffic. I only tried it once and it > was a long time ago, though. > Exactly. But for this I have to use monitor, which means that each time I want to see only network traffic I have to filter by essid, filter out beacons, etc. it would be nicer to use promisc mode, and receive decrypted the ethernet frames. So can this be done? Best regards, Maxim Levitsky -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
