Using wpad as radius server

I am trying to use wpad/hostapd as a radius server.
I realise that hostapd is started with a configuration file like /var/run/hostapd-phy0.conf, but I cannot figure out how to add the needed configuration, since it is autocreated.

So I wanted to start another instance of hostapd with another conf file. I was hoping that I could use driver=none, but I get the error "invalid/unknown driver 'none'".

Does anybody know how I start hostapd solely as a RADIUS server, or even better: change the default hostapd-phy0.conf file so it includes another conf file (or adds the settings I need)?

Why are you trying to use the client software to set up a server?

See: https://openwrt.org/docs/guide-user/network/wifi/wireless.security.8021x

Before beginning you will want to make sure you have completed the following steps:

Installed a RADIUS server such as FreeRADIUS (on OpenWrt or on another server).

Thank you for taking your time to answer my questions.

I am actually trying to use hostapd as a RADIUS SERVER. It is somewhat hidden, but it is actually possible.

Have a look at https://w1.fi/hostapd/ "Supported EAP methods (integrated EAP server and RADIUS authentication server)"

Actually, I find it strange that all guides are using FreeRADIUS. If it is possible with hostapd, the setup is much simpler and more space-saving.

/Thomas

I have now got a little further. As a proof of concept, I just edit /var/run/hostapd-phy1.conf and then reload hostapd with kill -HUP pid (where pid is the PID of hostapd).
I check that there is no error with logread -e hostapd.
The client is Windows 10.
When connecting to the Wi-Fi, I am asked for a username and password. I enter them, and I can see the log by running hostapd_cli:
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-RETRANSMIT 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-RETRANSMIT 34:41:5d:45:b4:10

conffile:

driver=nl80211
logger_syslog=127
logger_syslog_level=2
logger_stdout=127
logger_stdout_level=2
hw_mode=g
supported_rates=60 90 120 180 240 360 480 540
basic_rates=60 120 240
beacon_int=100
channel=11

noscan=1

ieee80211n=1
ht_coex=0
ht_capab=[SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC12]

interface=wlan1-1
ctrl_interface=/var/run/hostapd
ap_isolate=1
bss_load_update_period=60
chan_util_avg_period=600
disassoc_low_ack=1
preamble=1
wmm_enabled=1
ignore_broadcast_ssid=0
uapsd_advertisement_enabled=1
utf8_ssid=1
multi_ap=0
eapol_key_index_workaround=1
ieee8021x=1
auth_algs=1
wpa=2
eap_server=1
eapol_version=1
eap_user_file=/usr/local/eap/hostapd.eap_user
ca_cert=/usr/local/eap/ca.pem
server_cert=/usr/local/eap/server.pem
private_key=/usr/local/eap/server.key
private_key_passwd=
dh_file=/usr/local/eap/dhparam.pem
wpa_pairwise=CCMP
ssid=AMV19
bridge=br-lan
wpa_disable_eapol_key_retries=1
wpa_key_mgmt=WPA-EAP
okc=0
disable_pmksa_caching=1
start_disabled=1
bssid=c4:6e:1f:40:81:f4

content of /usr/local/eap/hostapd.eap_user

# Phase 1 users
* PEAP [ver=0]
# Phase 2
"test" TTLS-MSCHAPV2,MSCHAPV2 "password" [2]

I have also tried (with same result):

# Phase 1 users
* PEAP
# Phase 2
"test" MSCHAPV2 "password" [2]

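A small diagnostic for the hostapd_cli output posted above, added here as an example and not part of the original thread: it groups EAP events per station and flags an exchange that keeps restarting at EAP type 1 (Identity) without ever reaching a success or failure event. The sample lines are constructed from the post's log, and attributing the MAC-less PROPOSED-METHOD lines to the last station seen is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample: the event sequence from the post above, shortened.
SAMPLE = """\
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-STARTED 34:41:5d:45:b4:10
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
<3>CTRL-EVENT-EAP-RETRANSMIT 34:41:5d:45:b4:10
"""

# IANA EAP method type numbers (subset).
EAP_TYPES = {1: "Identity", 13: "TLS", 21: "TTLS", 25: "PEAP", 26: "MSCHAPv2"}
EVENT = re.compile(r"^<\d+>CTRL-EVENT-EAP-([A-Z0-9-]+)\s*(.*)$")
MAC = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", re.I)

def summarize(log_text):
    """Group EAP events per station and flag exchanges stuck at Identity."""
    stations = defaultdict(lambda: {"starts": 0, "retransmits": 0,
                                    "methods": set(), "outcome": None})
    current = None  # assumption: MAC-less lines belong to the last station seen
    for line in log_text.splitlines():
        m = EVENT.match(line.strip())
        if not m:
            continue
        name, rest = m.groups()
        mac = MAC.match(rest)
        if mac:
            current = mac.group(0).lower()
        if current is None:
            continue
        st = stations[current]
        if name == "STARTED":
            st["starts"] += 1
        elif name == "RETRANSMIT":
            st["retransmits"] += 1
        elif name == "PROPOSED-METHOD":
            num = re.search(r"method=(\d+)", rest)
            if num:
                st["methods"].add(int(num.group(1)))
        elif name.startswith(("SUCCESS", "FAILURE")):
            st["outcome"] = name
    for st in stations.values():
        # Stalled: restarted more than once, never got past Identity, no result.
        st["stalled"] = (st["starts"] > 1 and st["methods"] <= {1}
                         and st["outcome"] is None)
        st["method_names"] = sorted(EAP_TYPES.get(n, str(n)) for n in st["methods"])
    return dict(stations)
```

Feed it the text captured from hostapd_cli; a station reported as stalled never had an inner or outer method such as PEAP (type 25) proposed to it.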

Hi @tboege - it's cool that you're doing this with hostapd!

Could you please write more?

  1. Did you finally migrate to it?
  2. Any conclusions after a few months of usage?
  3. Do you consider writing a guide/blog post about it?

This is not working for me at least; I added:

eap_server=1
eap_user_file=/etc/hostapd.eap_user

Which version of wpad have you installed? Maybe you have to install wpad-full?

Newest OpenWrt master branch with wpad-full; could never get eap_server to work.