[Olsr-users] Encryption in ad-hoc network using Openwrt+OLSR
Henning Rogge
(spam-protected)
Fri Apr 4 12:18:56 CEST 2014
Hi,
are you sure about this parameter set?
I tested it between two Ubiquiti M Bullets (ath9k driver) on a up to
date OpenWRT AA with installed wpad.
I didn't got any error, everything worked. But then I noticed that
there is no wpad process running. So I changed the password on one of
the two nodes and rebooted it... and they still can talk to each
other. I assume that the network still runs "open".
Any tips what I could do?
Henning
On Thu, Apr 3, 2014 at 6:02 PM, Ben West <(spam-protected)> wrote:
> This is possible in current generations of OpenWRT Attitude Adjustment,
> although I'm not completely sure if the pre-compiled v12.09 binaries support
> it reliably. It is called IBSS-RSN. You would need to include the package
> wpad or hostapd + wpa_supplicant. The wpad_mini package as-is doesn't
> include IBSS-RSN support.
>
> Below is an example /etc/config/wireless which I use for adhoc encryption on
> a UBNT Nano M2. To my knowledge, tho, IBSS-RSN is only possibly with
> pre-shared keys (i.e. key stored locally on each node's flash), which does
> bring up security issues. I.e. WPA Enterprise-style distribution encryption
> management isn't available yet.
>
> config wifi-device radio0
> option type mac80211
> option channel 5
> option hwmode 11ng
> option macaddr DC:XX:XX:XX:XX:XX
> option htmode HT20
> list ht_capab SHORT-GI-20
> list ht_capab SHORT-GI-40
> list ht_capab TX-STBC
> list ht_capab RX-STBC1
> list ht_capab DSSS_CCK-40
> option beacon_int 337
> # REMOVE THIS LINE TO ENABLE WIFI:
> option disabled 0
>
> config wifi-iface wmesh
> option network 'mesh'
> option mode 'adhoc'
> option device 'radio0'
> option ssid 'MyMesh'
> option bssid '02:CA:FF:EE:BA:BE'
> option encryption 'psk2+aes'
> option key 'areallyreallyreallyreallystrongpassword'
>
> To take advantage of all the entropy available, I'd recommend using a tool
> like pwgen to generate a randomized with maximum entropy, and of maximum
> length (e.g. 63chars).
>
> 802.11s meshing, i.e. layer 2 meshing, will at some point support the
> authsae encryption agent, i.e. for distributed encryption management that
> does not depend on pre-shared keys. But, I don't believe it's at a usable
> state just yet.
>
>
>
>
> On Thu, Apr 3, 2014 at 8:57 AM, Andrea Mannoni <(spam-protected)>
> wrote:
>>
>> Hi all,
>>
>> I'm working for the implementation of an ad-hoc network that works, in
>> each repeater, with Openwrt + OLSR.
>>
>> I discovered that one critical problem in an ad-hoc network is the
>> impossibility to encrypt it.
>>
>> Did you find a solution at this problem?
>>
>> Thank you for your support.
>>
>> --
>>
>>
>> --
>> Olsr-users mailing list
>> (spam-protected)
>> https://lists.olsr.org/mailman/listinfo/olsr-users
>
>
>
>
> --
> Ben West
> (spam-protected)
>
> --
> Olsr-users mailing list
> (spam-protected)
> https://lists.olsr.org/mailman/listinfo/olsr-users
More information about the Olsr-users
mailing list