Re-keying parameters in WPA2-PSK setup


 
Posted 02-03-2015
Re-keying parameters in hostapd.conf

Hi folks,

Considering the configuration of an AP in the hostapd.conf file:

As the GMK is used like a seed for the generation of the GTK (Group Temporal Key), does setting a lower value for the GMK timer enforce the generation of a new GTK right away, or does the time interval for the GTK have to elapse anyway for the GMK to be used?

Last edited by Ms. T; 02-05-2015 at 05:18 PM.
HOSTAPD.CONF(5)            BSD File Formats Manual            HOSTAPD.CONF(5)

NAME
     hostapd.conf -- configuration file for hostapd(8) utility

DESCRIPTION
     The hostapd(8) utility is an authenticator for IEEE 802.11 networks. It
     provides full support for WPA/IEEE 802.11i and can also act as an IEEE
     802.1X Authenticator with a suitable backend Authentication Server
     (typically FreeRADIUS).

     The configuration file consists of global parameters and domain specific
     configuration:

     o   IEEE 802.1X-2004
     o   RADIUS client
     o   RADIUS authentication server
     o   WPA/IEEE 802.11i

GLOBAL PARAMETERS
     The following parameters are recognized:

     interface
             Interface name. Should be set in ``hostap'' mode. Make certain
             that there are no spaces after the interface name, or hostapd
             will complain that the interface does not exist.

     debug   Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps,
             4 = excessive.

     dump_file
             Dump file for state information (on SIGUSR1).

     ctrl_interface
             The pathname of the directory in which hostapd(8) creates UNIX
             domain socket files for communication with frontend programs
             such as hostapd_cli(8).

     ctrl_interface_group
             A group name or group ID to use in setting protection on the
             control interface file. This can be set to allow non-root users
             to access the control interface files. If no group is specified,
             the group ID of the control interface is not modified and will,
             typically, be the group ID of the directory in which the socket
             is created.

IEEE 802.1X-2004 PARAMETERS
     The following parameters are recognized:

     ieee8021x
             Require IEEE 802.1X authorization.

     eap_message
             Optional displayable message sent with EAP Request-Identity.

     wep_key_len_broadcast
             Key lengths for broadcast keys.

     wep_key_len_unicast
             Key lengths for unicast keys.

     wep_rekey_period
             Rekeying period in seconds.

     eapol_key_index_workaround
             EAPOL-Key index workaround (set bit7) for WinXP Supplicant.

     eap_reauth_period
             EAP reauthentication period in seconds. To disable
             reauthentication, use ``0''.

RADIUS CLIENT PARAMETERS
     The following parameters are recognized:

     own_ip_addr
             The own IP address of the access point (used as NAS-IP-Address).

     nas_identifier
             Optional NAS-Identifier string for RADIUS messages.

     auth_server_addr, auth_server_port, auth_server_shared_secret
             RADIUS authentication server parameters. Can be defined twice
             for secondary servers to be used if primary one does not reply
             to RADIUS packets.

     acct_server_addr, acct_server_port, acct_server_shared_secret
             RADIUS accounting server parameters. Can be defined twice for
             secondary servers to be used if primary one does not reply to
             RADIUS packets.

     radius_retry_primary_interval
             Retry interval for trying to return to the primary RADIUS server
             (in seconds).

     radius_acct_interim_interval
             Interim accounting update interval. If this is set (larger than
             0) and acct_server is configured, hostapd(8) will send interim
             accounting updates every N seconds.

RADIUS AUTHENTICATION SERVER PARAMETERS
     The following parameters are recognized:

     radius_server_clients
             File name of the RADIUS clients configuration for the RADIUS
             server. If this is commented out, RADIUS server is disabled.

     radius_server_auth_port
             The UDP port number for the RADIUS authentication server.

     radius_server_ipv6
             Use IPv6 with RADIUS server.

WPA/IEEE 802.11i PARAMETERS
     The following parameters are recognized:

     wpa     Enable WPA. Setting this variable configures the AP to require
             WPA (either WPA-PSK or WPA-RADIUS/EAP based on other
             configuration).

     wpa_psk, wpa_passphrase
             WPA pre-shared keys for WPA-PSK. This can be either entered as a
             256-bit secret in hex format (64 hex digits), wpa_psk, or as an
             ASCII passphrase (8..63 characters) that will be converted to
             PSK. This conversion uses SSID so the PSK changes when ASCII
             passphrase is used and the SSID is changed.

     wpa_psk_file
             Optionally, WPA PSKs can be read from a separate text file
             containing a list of PSK and MAC address pairs.

     wpa_key_mgmt
             Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or
             both).

     wpa_pairwise
             Set of accepted cipher suites (encryption algorithms) for
             pairwise keys (unicast packets). See the example file for more
             information.

     wpa_group_rekey
             Time interval for rekeying GTK (broadcast/multicast encryption
             keys) in seconds.

     wpa_strict_rekey
             Rekey GTK when any STA that possesses the current GTK is leaving
             the BSS.

     wpa_gmk_rekey
             Time interval for rekeying GMK (master key used internally to
             generate GTKs), in seconds.

SEE ALSO
     hostapd(8), hostapd_cli(8)

HISTORY
     The hostapd.conf manual page and hostapd(8) functionality first appeared
     in FreeBSD 6.0.

AUTHORS
     This manual page is derived from the README and hostapd.conf files in
     the hostapd distribution provided by Jouni Malinen <j@w1.fi>.

BSD                            September 2, 2006                            BSD
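
The WPA parameters in the manual page above, worked through as an added example (not part of the original thread or of the hostapd distribution): it derives the PSK from `wpa_passphrase` and the SSID using the IEEE 802.11i passphrase mapping, and reviews the three re-keying parameters. The sample configuration is constructed, the `ssid` key is taken from hostapd's own configuration format rather than from this manual page, and the findings policy in `audit` is an assumption, not hostapd behaviour.

```python
import hashlib
import re

# Constructed sample; the SSID/passphrase pair is the IEEE 802.11i test vector.
SAMPLE_CONF = """\
ssid=IEEE
wpa=2
wpa_passphrase=password
wpa_group_rekey=600
wpa_strict_rekey=0
wpa_gmk_rekey=86400
"""

def parse_conf(text):
    """Parse key=value lines, skipping blanks and '#' comments."""
    conf = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            conf[key.strip()] = value.strip()
    return conf

def derive_psk(passphrase, ssid):
    """IEEE 802.11i mapping: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32).hex()

def audit(conf):
    """Return review findings for the PSK and re-keying parameters (assumed policy)."""
    findings = []
    if "wpa_psk" in conf and not re.fullmatch(r"[0-9a-fA-F]{64}", conf["wpa_psk"]):
        findings.append("wpa_psk is not 64 hex digits")
    if int(conf.get("wpa_group_rekey", "0")) == 0:
        findings.append("wpa_group_rekey unset or 0: no explicit GTK rekey interval")
    if conf.get("wpa_strict_rekey", "0") != "1":
        findings.append("wpa_strict_rekey off: a STA that left still holds the current GTK")
    if "wpa_gmk_rekey" not in conf:
        findings.append("wpa_gmk_rekey unset: no explicit GMK rekey interval")
    return findings

if __name__ == "__main__":
    conf = parse_conf(SAMPLE_CONF)
    print("PSK for this SSID:  ", derive_psk(conf["wpa_passphrase"], conf["ssid"]))
    print("PSK if SSID changes:", derive_psk(conf["wpa_passphrase"], "IEEE-2"))
    for finding in audit(conf):
        print("finding:", finding)
```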