hostapd.conf man page on PC-BSD

Man page or keyword search:  
man Server   9747 pages
apropos Keyword Search (all sections)
Output format
PC-BSD logo
[printable version]

HOSTAPD.CONF(5)		    BSD File Formats Manual	       HOSTAPD.CONF(5)

NAME
     hostapd.conf — configuration file for hostapd(8) utility

DESCRIPTION
     The hostapd(8) utility is an authenticator for IEEE 802.11 networks.  It
     provides full support for WPA/IEEE 802.11i and can also act as an IEEE
     802.1X Authenticator with a suitable backend Authentication Server (typi‐
     cally FreeRADIUS).

     The configuration file consists of global parameters and domain specific
     configuration:
	   ·   IEEE 802.1X-2004
	   ·   RADIUS client
	   ·   RADIUS authentication server
	   ·   WPA/IEEE 802.11i

GLOBAL PARAMETERS
     The following parameters are recognized:

     interface
	     Interface name.  Should be set in “hostap” mode.

     debug   Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps,
	     4 = excessive.

     dump_file
	     Dump file for state information (on SIGUSR1).

     ctrl_interface
	     The pathname of the directory in which hostapd(8) creates UNIX
	     domain socket files for communication with frontend programs such
	     as hostapd_cli(8).

     ctrl_interface_group
	     A group name or group ID to use in setting protection on the con‐
	     trol interface file.  This can be set to allow non-root users to
	     access the control interface files.  If no group is specified,
	     the group ID of the control interface is not modified and will,
	     typically, be the group ID of the directory in which the socket
	     is created.

IEEE 802.1X-2004 PARAMETERS
     The following parameters are recognized:

     ieee8021x
	     Require IEEE 802.1X authorization.

     eap_message
	     Optional displayable message sent with EAP Request-Identity.

     wep_key_len_broadcast
	     Key lengths for broadcast keys.

     wep_key_len_unicast
	     Key lengths for unicast keys.

     wep_rekey_period
	     Rekeying period in seconds.

     eapol_key_index_workaround
	     EAPOL-Key index workaround (set bit7) for WinXP Supplicant.

     eap_reauth_period
	     EAP reauthentication period in seconds.  To disable reauthentica‐
	     tion, use “0”.

RADIUS CLIENT PARAMETERS
     The following parameters are recognized:

     own_ip_addr
	     The own IP address of the access point (used as NAS-IP-Address).

     nas_identifier
	     Optional NAS-Identifier string for RADIUS messages.

     auth_server_addr, auth_server_port, auth_server_shared_secret
	     RADIUS authentication server parameters.  Can be defined twice
	     for secondary servers to be used if primary one does not reply to
	     RADIUS packets.

     acct_server_addr, acct_server_port, acct_server_shared_secret
	     RADIUS accounting server parameters.  Can be defined twice for
	     secondary servers to be used if primary one does not reply to
	     RADIUS packets.

     radius_retry_primary_interval
	     Retry interval for trying to return to the primary RADIUS server
	     (in seconds).

     radius_acct_interim_interval
	     Interim accounting update interval.  If this is set (larger than
	     0) and acct_server is configured, hostapd(8) will send interim
	     accounting updates every N seconds.

RADIUS AUTHENTICATION SERVER PARAMETERS
     The following parameters are recognized:

     radius_server_clients
	     File name of the RADIUS clients configuration for the RADIUS
	     server.  If this is commented out, RADIUS server is disabled.

     radius_server_auth_port
	     The UDP port number for the RADIUS authentication server.

     radius_server_ipv6
	     Use IPv6 with RADIUS server.

WPA/IEEE 802.11i PARAMETERS
     The following parameters are recognized:

     wpa     Enable WPA.  Setting this variable configures the AP to require
	     WPA (either WPA-PSK or WPA-RADIUS/EAP based on other configura‐
	     tion).

     wpa_psk, wpa_passphrase
	     WPA pre-shared keys for WPA-PSK.  This can be either entered as a
	     256-bit secret in hex format (64 hex digits), wpa_psk, or as an
	     ASCII passphrase (8..63 characters) that will be converted to
	     PSK.  This conversion uses SSID so the PSK changes when ASCII
	     passphrase is used and the SSID is changed.

     wpa_psk_file
	     Optionally, WPA PSKs can be read from a separate text file (con‐
	     taining a list of (PSK,MAC address) pairs.

     wpa_key_mgmt
	     Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or
	     both).

     wpa_pairwise
	     Set of accepted cipher suites (encryption algorithms) for pair‐
	     wise keys (unicast packets).  See the example file for more
	     information.

     wpa_group_rekey
	     Time interval for rekeying GTK (broadcast/multicast encryption
	     keys) in seconds.

     wpa_strict_rekey
	     Rekey GTK when any STA that possesses the current GTK is leaving
	     the BSS.

     wpa_gmk_rekey
	     Time interval for rekeying GMK (master key used internally to
	     generate GTKs), in seconds.

SEE ALSO
     hostapd(8), hostapd_cli(8)

HISTORY
     The hostapd.conf manual page and hostapd(8) functionality first appeared
     in FreeBSD 6.0.

AUTHORS
     This manual page is derived from the README and hostapd.conf files in the
     hostapd distribution provided by Jouni Malinen ⟨j@w1.fi⟩.

BSD			       September 2, 2006			   BSD
[top]

List of man pages available for PC-BSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net