aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2018-08-01 14:51:42 (GMT)
committerJouni Malinen <j@w1.fi>2018-08-01 14:51:42 (GMT)
commite7d73c378d891120c756f5534afc5f6919e0b0c6 (patch)
tree3170bcab5fa5bd75780a299c2b02d0cb1ab51a3a /hostapd
parentcbdf5a49c8247c9a8f5cbc69f1858af5247aa432 (diff)
downloadhostap-e7d73c378d891120c756f5534afc5f6919e0b0c6.zip
hostap-e7d73c378d891120c756f5534afc5f6919e0b0c6.tar.gz
hostap-e7d73c378d891120c756f5534afc5f6919e0b0c6.tar.bz2
Provide more details of WPA3 modes in hostapd.conf
Clarify that wpa=2 (i.e., RSN) is used for WPA3 and list previously undocumented wpa_key_mgmt values. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/hostapd.conf18
1 files changed, 17 insertions, 1 deletions
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 0de4b85..70f9713 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1239,7 +1239,10 @@ own_ip_addr=127.0.0.1
# and/or WPA2 (full IEEE 802.11i/RSN):
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
-#wpa=1
+# Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2.
+# In other words, for WPA3, wpa=2 is used the configuration (and
+# wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK).
+#wpa=2
# WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
# secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
@@ -1268,10 +1271,23 @@ own_ip_addr=127.0.0.1
# Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both). The
# entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be
# added to enable SHA256-based stronger algorithms.
+# WPA-PSK = WPA-Personal / WPA2-Personal
+# WPA-PSK-SHA256 = WPA2-Personal using SHA256
+# WPA-EAP = WPA-Enterprise / WPA2-Enterprise
+# WPA-EAP-SHA256 = WPA2-Enterprise using SHA256
+# SAE = SAE (WPA3-Personal)
+# WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite
+# FT-PSK = FT with passphrase/PSK
+# FT-EAP = FT with EAP
+# FT-EAP-SHA384 = FT with EAP using SHA384
+# FT-SAE = FT with SAE
# FILS-SHA256 = Fast Initial Link Setup with SHA256
# FILS-SHA384 = Fast Initial Link Setup with SHA384
# FT-FILS-SHA256 = FT and Fast Initial Link Setup with SHA256
# FT-FILS-SHA384 = FT and Fast Initial Link Setup with SHA384
+# OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open)
+# DPP = Device Provisioning Protocol
+# OSEN = Hotspot 2.0 online signup with encryption
# (dot11RSNAConfigAuthenticationSuitesTable)
#wpa_key_mgmt=WPA-PSK WPA-EAP