10 Jul
2020
10 Jul
'20
9:13 a.m.
On Fri, 10 Jul 2020 at 11:41, Val Kulkov <val.kulkov@gmail.com> wrote:
OpenWrt does provide a workaround for WPA key reinstallation attacks. See
the description of "wpa_disable_eapol_key_retries" parameter and the comments that follow at this page: https://openwrt.org/docs/guide-user/network/wifi/basic
I forgot to add that if enabling wpa_disable_eapol_key_retries does cause interoperability issues on a Wi-Fi network, then one can create a guest VLAN with this parameter disabled, and enable this parameter on a secure non-guest VLAN. This is not difficult to achieve with OpenWrt, and I will be happy to provide details in a separate thread if there is some interest.