3.2 Configuring a Hostapd Server

Perform the following steps to configure the hostapd server:

1. Download hostapd from https://w1.fi/releases/hostapd-2.6.tar.gz and copy it to an Ubuntu machine.
2. Create a .config file enabling hostapd as a RADIUS server. See Appendix B - Hostapd Example .config File for an example configuration file.
3. Untar the file and navigate to the hostapd-2.6/hostapd directory in the terminal window.
4. Build the binaries using the make command.
5. Enter the make install command to copy the hostapd binary to the /user/local/bin/ path.
6. Generate the certificates (see Generating Certificates using openssl).
7. Add the following to configure or create AP details in the file hostapd.radius_clients (the password must be the same as the shared key password in point 4).

   # RADIUS client configuration for the RADIUS server
   0.0.0.0/0      123456789

8. Create an eap user file (see Appendix C - Configuring EAP User File).
9. Create a hostapd.conf file, using the above eap user file as shown below.

   # Run hostapd as a RADIUS server
   radius_server_clients=hostapd.radius_clients
   radius_server_auth_port=1812
   
   eap_server=1
   # For EAP user file see section 5.3
   eap_user_file=hostapd.eap_user
   
   # TLS parameters (shared by EAP-PEAP, EAP-TTLS, EAP-FAST)
   ca_cert=cas.cert
   # Server certificate and private key from separate files
   server_cert=server.crt
   private_key=server.key
   

10. Run hostapd using the sudo ./hostapd -dkt -i eno1 hostapd.conf command.