[Olsr-users] Encryption in ad-hoc network using Openwrt+OLSR
Thu Apr 3 18:02:16 CEST 2014
This is possible in current generations of OpenWRT Attitude Adjustment,
although I'm not completely sure if the pre-compiled v12.09 binaries
support it reliably. It is called IBSS-RSN. You would need to include the
package wpad or hostapd + wpa_supplicant. The wpad_mini package as-is
doesn't include IBSS-RSN support.
Below is an example /etc/config/wireless which I use for adhoc encryption
on a UBNT Nano M2. To my knowledge, tho, IBSS-RSN is only possibly with
pre-shared keys (i.e. key stored locally on each node's flash), which does
bring up security issues. I.e. WPA Enterprise-style distribution
encryption management isn't available yet.
config wifi-device radio0
option type mac80211
option channel 5
option hwmode 11ng
option macaddr DC:XX:XX:XX:XX:XX
option htmode HT20
list ht_capab SHORT-GI-20
list ht_capab SHORT-GI-40
list ht_capab TX-STBC
list ht_capab RX-STBC1
list ht_capab DSSS_CCK-40
option beacon_int 337
# REMOVE THIS LINE TO ENABLE WIFI:
option disabled 0
config wifi-iface wmesh
option network 'mesh'
option mode 'adhoc'
option device 'radio0'
option ssid 'MyMesh'
option bssid '02:CA:FF:EE:BA:BE'
option encryption 'psk2+aes'
option key 'areallyreallyreallyreallystrongpassword'
To take advantage of all the entropy available, I'd recommend using a tool
like pwgen to generate a randomized with maximum entropy, and of maximum
length (e.g. 63chars).
802.11s meshing, i.e. layer 2 meshing, will at some point support the
authsae encryption agent, i.e. for distributed encryption management that
does not depend on pre-shared keys. But, I don't believe it's at a usable
state just yet.
On Thu, Apr 3, 2014 at 8:57 AM, Andrea Mannoni <(spam-protected)>wrote:
> Hi all,
> I'm working for the implementation of an ad-hoc network that works, in
> each repeater, with Openwrt + OLSR.
> I discovered that one critical problem in an ad-hoc network is the
> impossibility to encrypt it.
> Did you find a solution at this problem?
> Thank you for your support.
> Olsr-users mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Olsr-users