2

I am trying to understand the configuration options for wpa_supplicant. WEP is almost irrelevant, but it does occasionally exist in the wild, so I looked up an example configuration (from here):

network={
        ssid="MYWEAKLYENCRYPTEDWLAN"
        key_mgmt=NONE
        wep_key0="12345"
        wep_tx_keyidx=0
}

This is simple enough. But I've found other examples with multiple keys, such as:

network={
    ssid="static-wep-test"
    key_mgmt=NONE
    wep_key0="abcde"
    wep_key1=0102030405
    wep_key2="1234567890123"
    wep_tx_keyidx=0
    priority=5
}

In fact, that is from the example in the wpa_supplicant repository. It seems you are allowed to have up to four keys (wep_key0-wep_key3) and wep_tx_keyidx specifies which is the default.

The question is, what is the purpose of providing more than one key? Are there situations where that is necessary?

Dominick Pastore
  • 213

1 Answers1

1

That is the nature of WEP, you always have to send Key+index for Handshake. Only one key is used, but without sending the index you can't logon.
on client side it is useless to have multiple keys. but there are scenarios where different keys can used at same time for WDS links. If you have 4x WDS slave routers each of them can use another WEP key for connecting to WDS master. Assuming you have set different passwords for each router config. if one of the password is leaked, they can see the one WEP key. Now if they clone MAC address from master router and force other client routers to connect with the fake one, the other clients won't connect because they use different keys

alecxs
  • 396
  • 1
  • 4
  • 15