path: root/hostapd/README-WPS
diff options
authorJouni Malinen <jouni.malinen@atheros.com>2009-05-26 14:44:44 (GMT)
committerJouni Malinen <j@w1.fi>2009-05-26 14:44:44 (GMT)
commit077a781f7ab4e87955f1a97fcd0b939c74a57165 (patch)
tree067e2f656417d894709389c1abd4f1df6b45f11b /hostapd/README-WPS
parentb63303b86432561988ebaa61e13bc9c74457d7cf (diff)
WPS: Add support for setting timeout for PIN
hostapd_cli wps_pin command can now have an optional timeout parameter that sets the PIN lifetime in seconds. This can be used to reduce the likelihood of someone else using the PIN should an active PIN be left in the Registrar.
Diffstat (limited to 'hostapd/README-WPS')
1 files changed, 8 insertions, 1 deletions
diff --git a/hostapd/README-WPS b/hostapd/README-WPS
index b46d767..e0e370b 100644
--- a/hostapd/README-WPS
+++ b/hostapd/README-WPS
@@ -165,10 +165,17 @@ Example command to add a PIN (12345670) for an Enrollee:
hostapd_cli wps_pin 53b63a98-d29e-4457-a2ed-094d7e6a669c 12345670
If the UUID-E is not available (e.g., Enrollee waits for the Registrar
-to be selected before connecting), wildcard UUID may be used to allow the PIN to be used once with any UUID:
+to be selected before connecting), wildcard UUID may be used to allow
+the PIN to be used once with any UUID:
hostapd_cli wps_pin any 12345670
+To reduce likelihood of PIN being used with other devices or of
+forgetting an active PIN available for potential attackers, expiration
+time can be set for the new PIN:
+hostapd_cli wps_pin any 12345670 300
After this, the Enrollee can connect to the AP again and complete WPS
negotiation. At that point, a new, random WPA PSK is generated for the