| # wpa_supplicant configuration file. |
| |
| # Whether to allow wpa_supplicant to update (overwrite) configuration |
| # |
| # This option can be used to allow wpa_supplicant to overwrite configuration |
| # file whenever configuration is changed (e.g., new network block is added with |
| # wpa_cli or wpa_gui, or a password is changed). This is required for |
| # wpa_cli/wpa_gui to be able to store the configuration changes permanently. |
| # Please note that overwriting configuration file will remove the comments from |
| # it. |
| update_config=1 |
| |
| # global configuration (shared by all network blocks) |
| # |
| # Parameters for the control interface. If this is specified, wpa_supplicant |
| # will open a control interface that is available for external programs to |
| # manage wpa_supplicant. The meaning of this string depends on which control |
| # interface mechanism is used. For all cases, the existence of this parameter |
| # in configuration is used to determine whether the control interface is |
| # enabled. |
| # |
| # For UNIX domain sockets (default on Linux and BSD): This is a directory that |
| # will be created for UNIX domain sockets for listening to requests from |
| # external programs (CLI/GUI, etc.) for status information and configuration. |
| # The socket file will be named based on the interface name, so multiple |
| # wpa_supplicant processes can be run at the same time if more than one |
| # interface is used. |
| # /var/run/wpa_supplicant is the recommended directory for sockets and by |
| # default, wpa_cli will use it when trying to connect with wpa_supplicant. |
| # |
| # Access control for the control interface can be configured by setting the |
| # directory to allow only members of a group to use sockets. This way, it is |
| # possible to run wpa_supplicant as root (since it needs to change network |
| # configuration and open raw sockets) and still allow GUI/CLI components to be |
| # run as non-root users. However, since the control interface can be used to |
| # change the network configuration, this access needs to be protected in many |
| # cases. By default, wpa_supplicant is configured to use gid 0 (root). If you |
| # want to allow non-root users to use the control interface, add a new group |
| # and change this value to match with that group. Add users that should have |
| # control interface access to this group. If this variable is commented out or |
| # not included in the configuration file, group will not be changed from the |
| # value it got by default when the directory or socket was created. |
| # |
| # When configuring both the directory and group, use following format: |
| # DIR=/var/run/wpa_supplicant GROUP=wheel |
| # DIR=/var/run/wpa_supplicant GROUP=0 |
| # (group can be either group name or gid) |
| # |
| # For UDP connections (default on Windows): The value will be ignored. This |
| # variable is just used to select that the control interface is to be created. |
| # The value can be set to, e.g., udp (ctrl_interface=udp) |
| # |
| # For Windows Named Pipe: This value can be used to set the security descriptor |
| # for controlling access to the control interface. Security descriptor can be |
| # set using Security Descriptor String Format (see http://msdn.microsoft.com/ |
| # library/default.asp?url=/library/en-us/secauthz/security/ |
| # security_descriptor_string_format.asp). The descriptor string needs to be |
| # prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would set an empty |
| # DACL (which will reject all connections). See README-Windows.txt for more |
| # information about SDDL string format. |
| # |
| ctrl_interface=wlan0 |
| |
| # IEEE 802.1X/EAPOL version |
| # wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which defines |
| # EAPOL version 2. However, there are many APs that do not handle the new |
| # version number correctly (they seem to drop the frames completely). In order |
| # to make wpa_supplicant interoperate with these APs, the version number is set |
| # to 1 by default. This configuration value can be used to set it to the new |
| # version (2). |
| eapol_version=1 |
| |
| # AP scanning/selection |
| # By default, wpa_supplicant requests driver to perform AP scanning and then |
| # uses the scan results to select a suitable AP. Another alternative is to |
| # allow the driver to take care of AP scanning and selection and use |
| # wpa_supplicant just to process EAPOL frames based on IEEE 802.11 association |
| # information from the driver. |
| # 1: wpa_supplicant initiates scanning and AP selection; if no APs matching to |
| # the currently enabled networks are found, a new network (IBSS or AP mode |
| # operation) may be initialized (if configured) (default) |
| # 0: driver takes care of scanning, AP selection, and IEEE 802.11 association |
| # parameters (e.g., WPA IE generation); this mode can also be used with |
| # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with |
| # APs (i.e., external program needs to control association). This mode must |
| # also be used when using wired Ethernet drivers. |
| # 2: like 0, but associate with APs using security policy and SSID (but not |
| # BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to |
| # enable operation with hidden SSIDs and optimized roaming; in this mode, |
| # the network blocks in the configuration file are tried one by one until |
| # the driver reports successful association; each network block should have |
| # explicit security policy (i.e., only one option in the lists) for |
| # key_mgmt, pairwise, group, proto variables |
| # When using IBSS or AP mode, ap_scan=2 mode can force the new network to be |
| # created immediately regardless of scan results. ap_scan=1 mode will first try |
| # to scan for existing networks and only if no matches with the enabled |
| # networks are found, a new IBSS or AP mode network is created. |
| ap_scan=1 |
| |
| # EAP fast re-authentication |
| # By default, fast re-authentication is enabled for all EAP methods that |
| # support it. This variable can be used to disable fast re-authentication. |
| # Normally, there is no need to disable this. |
| fast_reauth=1 |