Date: Mon, 11 Apr 2022 02:47:24 GMT From: Ed Maste <emaste@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: dca1590eb5a2 - stable/13 - wpa_supplicant.conf.5: add note about scan_ssid=1 eavesdropping Message-ID: <202204110247.23B2lOJY040251@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=dca1590eb5a2d5b388204d0c17ced8761f2c16fc commit dca1590eb5a2d5b388204d0c17ced8761f2c16fc Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-03-16 02:18:01 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-04-11 02:46:54 +0000 wpa_supplicant.conf.5: add note about scan_ssid=1 eavesdropping When scan_ssid=1 the list of configured SSIDs is available to eavesdroppers. Note this in the man page. PR: 194122 Reviewed by: debdrup, Pau Amma MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34576 (cherry picked from commit 4f75af31a86ff71780f48a5b99cf814f61d77eae) --- usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 b/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 index a2032c53bc6e..c22d3aa5da68 100644 --- a/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 +++ b/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 26, 2018 +.Dd March 16, 2022 .Dt WPA_SUPPLICANT.CONF 5 .Os .Sh NAME @@ -133,11 +133,12 @@ An or hex string enclosed in quotation marks. .It Va scan_ssid SSID scan technique; 0 (default) or 1. -Technique 0 scans for the SSID using a broadcast Probe Request -frame while 1 uses a directed Probe Request frame. -Access points that cloak themselves by not broadcasting their SSID -require technique 1, but beware that this scheme can cause scanning -to take longer to complete. +Technique 0 scans for the SSID using a broadcast Probe Request frame. +Technique 1 uses directed Probe Request frames, sent to each configured SSID. +Access points that cloak themselves by not broadcasting their SSID require +technique 1. +Beware that this technique can cause scanning to take longer to complete, +and exposes the list of configured network SSIDs to eavesdroppers. .It Va bssid Network BSSID (typically the MAC address of the access point). .It Va priority
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204110247.23B2lOJY040251>