From c4db3c56f3feb04592eeeb14ccda71fb92cc05a3 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 16 Oct 2003 19:59:54 +0000 Subject: documentation finished git-svn-id: file:///home/lennart/svn/public/aeswepd/trunk@27 022f378f-78c4-0310-b860-d162c87e6274 --- doc/README.html.in | 132 ++++++++++++++------------------------------------- doc/style.css | 10 ++-- man/aeswepd.8.xml.in | 21 ++++---- 3 files changed, 51 insertions(+), 112 deletions(-) diff --git a/doc/README.html.in b/doc/README.html.in index 8675a90..7de603a 100644 --- a/doc/README.html.in +++ b/doc/README.html.in @@ -10,7 +10,7 @@

aeswepd @PACKAGE_VERSION@

License

Fri Sep 13 2003:

Version 0.3 released, splitted from waproamd, added documentation, manpage, some bug fixes.

Version 0.3 released, split from waproamd, added documentation, manpage, some bug fixes.

Overview

-What is it? waproamd is a Linux WLAN roaming daemon for IEEE 802.11b
-cards supported by a driver with wireless extension API. It may be
-used for configuring WEP keys according to the WLANs available. It is
-intended to be used in conjunction with ifplugd, which configures your
-network automatically whenever an association with an AP suceeded.
-
-waproamd is intended to be used together with ifplugd.
-
-A short overview on the daemons involved and how they work together:
-
-  waproamd: when not associated waproamd does periodic scans and tries
-    to associate to a sensible AP by running a script in
-    /etc/waproamd/scripts
-
-    (built from waproamd-xxx.tar.gz)
-
-  aeswepd: A daemon for doing AES based WEP rekeying, it is called by
-    /etc/waproamd/scripts/default if
-    /etc/waproamd/keys/[AP-MAC-ADDRESS].aes exists. It implements an
-    algorithm which is not standardized and only compatible with APs
-    using aeswepd as well. aeswepd may be used without waproamd. The
-    opposite is true as well.
-
-    If you create a root-owned directory /var/lib/aeswepd all running 
-    aeswepd instances will save the current wep keys to a file therein
-    which may be accessed via "aeswepls".
-
-    (built from waproamd-xxx.tar.gz too)
-
-  ifplugd: if an association succeeded ifplugd runs ifup for the
-    device (and ifdown if it is lost again)
-
-    (built from ifplugd-xxx.tar.gz)
-
-waproamd will not issue scans while associated.
-
-The algorithm to select an AP if multiple are available is rather
-simple: The first AP which has a script named by the AP MAC address
-available in /etc/waproamd/scripts/ is seleted. If none has suh a
-script /etc/waproamd/scripts/default is run for the first AP.
-
-waproamd requires libdaemon.
-
-waproamd is tested with hostap 0.0.3 only, with other drivers
-ymmv. The host roaming feature of newer hostap releases might be
-useful, however it is broken on 0.0.3 and not required by waproamd.
-
-Update: waproamd works fine with 0.0.4
-
-waproamd requires a driver supporting the wireless extension v15 or
-newer. Drivers supporting the iwevent ("wireless events") API are
-useful, however not required. Unfortunately support for this API
-cannot be detected automatically. Use the "-e" switch to disable it.
-
-waproamd requires a driver supporting scanning (iwlist scan) for
-detecting the networks available.
-
-There is no need to compile, nor to install aeswepd if your interest is
-limited to waproamd only. See "configure --help" for more information.
-
-no manpages, no further documentation included. Read the source, luke!
-
-waproamd relies on autoconf/automake for source code configuration and
-building.
-
-The software packages involved are available from the following URLs:
-
-  http://0pointer.de/lennart/projects/waproamd/
-  http://0pointer.de/lennart/projects/libdaemon/
-  http://0pointer.de/lennart/projects/ifplugd/
-

aeswepd is UNIX daemon for changing WEP keys of WLAN devices in +constant intervals. The WEP keys are calculated by encrypting the +current UNIX time using the AES cypher with a given constant +key. aeswepd strengthens the security of the weak hardware based, standards +compliant WEP technology.

aeswepd may use up to three hardware WEP keys: the first is +set to the current, the second to the previous and the third to +the next key. This is useful when working with not completely +synchronized RTCs. If only a single hardware WEP key is used, you +have to synchronize your RTCs so that no connectivity interrupts +may occur.

aeswepd has several advantages over other solutions to +improve WEP: it is easy to use, doesn't involve computing intensive +algorithms, doesn't increase traffic latency. On the other hand it has +several disadvantages as well: it requires an installation of +aeswepd on all network members, it is not standardized, +currently only APs which run a flavour of Linux may be used with +it.

Status

Version 0.3 is stable and has all the sensible features its users could think of.

Version 0.3 is more or less stable. It features only a single WEP key driver for local NICs supporting the Linux wireless extensions v15.

Documentation

Have a look on the man pages aeswepd(8), ifstatus(8), aeswepd.conf(5). (A XSLT capable browser is required)

Configuration

Troubleshooting

FAQ

Have a look on the man page aeswepd(8). (An XSLT capable browser is required)

aeswepd has no configuration file. It is intended to be run with correct command line arguments from ifup/ifdown or waproamd.

Requirements

A newer Linux Kernel (I think 2.2 is good enough, alltough I tested it -only with 2.4) with a compatible device driver and -ethernet card. Most modern cards and drivers are compatible, like mine -which works with the 8139too driver.

A newer Linux Kernel with a compatible device driver and WLAN NIC +(Wireless extensions v15 or newer). Most modern cards and drivers are +compatible, like mines which work with the hostap driver, version 0.0.3 and above.

aeswepd was developed and tested on Debian GNU/Linux -"testing" from July 2003, it should work on most other Linux -distributions (and maybe Unix versions) since it uses GNU autoconf and -GNU libtool for source code configuration and shared library -management.

The machine used was a Medion 9580-F laptop with a Realtek 8139 -network card and a PRISM1 PCMCIA wireless LAN card.

The machines used for development are a Medion 9580-F laptop with a +TEAC and a ZONET PCMCIA WLAN NIC, and an 1 GHz Celeron PC with a noname PCI +WLAN NIC. All three cards feature a PRISM2 chipset.

aeswepd needs libdaemon.

make install

Lennart Poettering <@PACKAGE_BUGREPORT@>, October 2003

$Id: README.html.in 48 2003-09-13 11:36:11Z lennart $

$Id$

aeswepls [options]

aeswepd is UNIX daemon for changing WEP keys of WLAN devices - in constant intervals. The WEP keys are calculated by encrypting - the current UNIX time using the AES cypher with a given constant - key. aeswepd is intended to increase the security of the - hardware based, standards compliant WEP technology.

+ +

aeswepd is UNIX daemon for changing WEP keys of WLAN devices + in constant intervals. The WEP keys are calculated by encrypting + the current UNIX time using the AES cypher with a given constant + key. aeswepd strengthens the security of the weak hardware + based, standards compliant WEP technology.

aeswepd may use up to three hardware WEP keys: the first is set to the current, the second to the previous and the third to @@ -84,7 +84,8 @@

-t | --rekey-time=SEC

Specify the rekeying interval in seconds.

Specify the rekeying interval in seconds. (default: + 900, that is 15 minutes)

@@ -146,12 +147,12 @@

/var/run/aeswepd.<aeswepdgt;.pid: the pid file +

/var/run/aeswepd.<interface>.pid: the pid file for aeswepd.

SIGINT, SIGTERM, SIGTQUIT aeswepd will quit. This is issued by passing -k to aeswepd.

SIGINT, SIGTERM, SIGQUIT aeswepd will quit. This is issued by passing -k to aeswepd.

SIGHUP aeswepd will rekey immediately.

-- cgit