Since it has been ages since WPA3 R3 was released, there is barely any commercial router that
put SAE-PK as a feature into use.
I have got a Linksys e8450 at hand, and have installed openwrt 22.03.1
From the change log, I found that this current version supports SAE-PK to some extent.
My question is whether you experts in this forum have ever tried this SAE-PK authentication
as the latest WPA3 feature.
And how to get it going under openwrt?
Yes, I do have an issue that even if I rewrite the hostapd.conf(through SIGHUP signal, knowing the /etc/config/wireless stuff), the e8450 fails to carry RSNXE IE with RSNX==0x60 to indicate SAE-PK capability in its beacon.
The thing is I am testing my company's iot device with this newly introduced feature.
My question is how can i turn this SAE-PK on and change configuration, simply by WEBUI? or hacking hostapd.conf?
Yep, it is no good idea just skip to manipulate the hostap.conf, I have to follow the OpenWrt rules.
There seems no explicit switch ON/OFF to control SAE-PublicKey authentication.
What enables SAE-PK feature in hostapd.conf is like:
Is that possible AP will automatically adopt this SAE-PK authentication by identifying
a SAE-PK-style password, like 2udb-slxf-3ij2 and stuff like that, since SAE-PK is nothing
more than a SAE extention.
Might it be so, shall I just modify /config/wireless in "option key" to a SAE-PK style string?
So far, I have not seen any document talking about SAE-PK on OpenWrt website, except
2 releasenotes, changelogs.
What I am looking for is just an officially recommended way of SAE-PublicKey configuration.
First remove the wpad-basic-xxxxssl which is installed by default and install the full version which is just called wpad-xxxxssl. That build contains more cryptographic features, though I could not say if the one you are looking for is there.