Hi, I'm testing LibreMesh (LEDE) and I'm using the default firmware. I'm change the password for the client access to WPA2 but I couldn't find where to set the password for the mesh ? I.e. when I setup a new node, it automatically connects to the mesh, so there is no option to secure it. Any idea ?
That is not a LEDE question. It appears that LibreMesh's philosophy is for city-wide meshes that offer public access on an open wifi AP.
You should ssh into your nodes and set a root password to prevent tampering though.
For a private mesh with WPA authentication of the end-users I've been testing RADIUSdesk / Meshdesk.
I stop looking at Radiusdesk after the "pricing" part. Right now, I'm just exploring the options.
This is both a LEDE and Libremesh question. Unless I misunderstood, Libremesh firmware is really just LEDE with packages. I post here hoping that somebody who work with LEDE would also have work with specific mesh configurations. Libremesh firmware uses LUCI to config, so there has been no need for me to go to CLI so far. I have been able to assign password for the WPA "end-users" and radius appears to be a valid option, but since I focusing on the Mesh side of things at the moment, I've not explore that.
It's the "infra" password, i.e. how do I secure AP to AP communications that I'm concern with. I read "SAE" but am trying to find more information. Thanks for the help.
Radiusdesk is fully open source and free, if you run your own server.
When using 802.11s under BATMAN, it would be secured with SAE, which I think is built in to the full version of wpad. So you would just add encryption 'authsae' and a key to your mesh interface definition in /etc/config/wireless. However, when I last tried it, ath10k was OK for unsecured but crashed on secured mesh interfaces.
Thanks. I'm giving up on Libremesh for now. It looks interesting but even with a single node and no other interferences, the wireless throughput was 50% of what I could achieve with just standard LEDE. That the 802.11s comes without authsae by default is another showstopper. Will revisit this another time. Thanks !!