Software:Wpa supplicant

From HandWiki
Revision as of 18:13, 25 July 2022 by imported>Nautica (add)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


wpa_supplicant
Screenshot of wpa gui
Screenshot of wpa_gui
Developer(s)Jouni Malinen and others
Initial releaseApril 5, 2003 (2003-04-05)
Stable release
2.9[1] / August 7, 2019; 5 years ago (2019-08-07)
Written inC
Operating systemCross-platform
TypeWLAN tools
LicenseBSD
Websitew1.fi/wpa_supplicant/

wpa_supplicant is a free software implementation of an IEEE 802.11i supplicant for Linux, FreeBSD, NetBSD, QNX, AROS, Microsoft Windows, Solaris, OS/2 (including ArcaOS and eComStation)[2] and Haiku.[3] In addition to being a WPA3 and WPA2 supplicant, it also implements WPA and older wireless LAN security protocols.

Features

Features include:[4]

  • WPA-PSK and WPA2-PSK ("WPA-Personal", pre-shared key)
  • WPA3[5]
  • WPA with EAP ("WPA-Enterprise", for example with RADIUS authentication server)
  • RSN: PMKSA caching, pre-authentication
  • IEEE 802.11r
  • IEEE 802.11w
  • Wi-Fi Protected Setup (WPS)

Included with the supplicant are a GUI and a command-line utility for interacting with the running supplicant. From either of these interfaces it is possible to review a list of currently visible networks, select one of them, provide any additional security information needed to authenticate with the network (for example, a passphrase, or username and password) and add it to the preference list to enable automatic reconnection in the future.[6]

The graphical user interface is built on top of the Qt library.

wpa_supplicant can authenticate with any of the following EAP (Extensible Authentication Protocol) methods: EAP-TLS, EAP-PEAP (both PEAPv0 and PEAPv1), EAP-TTLS, EAP-SIM, EAP-AKA, EAP-AKA', EAP-pwd, EAP-EKE, EAP-PSK (experimental), EAP-FAST, EAP-PAX, EAP-SAKE, EAP-GPSK, EAP-IKEv2, EAP-MD5, EAP-MSCHAPv2, and LEAP (requires special functions in the driver).[6]

Vulnerability to KRACK

wpa_supplicant was especially susceptible to KRACK, as it can be manipulated to install an all-zeros encryption key, effectively nullifying WPA2 protection in a man-in-the-middle attack.[7] Version 2.7 fixed KRACK and several other vulnerabilities.

See also

References

External links