Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
| technical:ppsk-overview [2024/04/18 08:11] – system | technical:ppsk-overview [2024/04/27 06:16] (current) – system | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | <nav type=" | ||
| + | * [[: | ||
| + | * [[: | ||
| + | </ | ||
| + | |||
| + | ----- | ||
| ====== Private PSK (PPSK) Overview ====== | ====== Private PSK (PPSK) Overview ====== | ||
| ===== Introduction ===== | ===== Introduction ===== | ||
| Line 5: | Line 11: | ||
| * This is in contrast to a door where everyone has the same key to unlock it and gain access to a building. | * This is in contrast to a door where everyone has the same key to unlock it and gain access to a building. | ||
| * The advantage of using different keys is the ease of management. | * The advantage of using different keys is the ease of management. | ||
| - | * If you have a small office setup where an employee | + | * Suppose |
| - | * Without the support of Pre Shared Key you need to: | + | * Without the support of PPSK you need to: |
| * Change the shared key on the access point(s). | * Change the shared key on the access point(s). | ||
| * Inform all employees that the WiFi key has changed and hopefully they will be smart enough to update any devices that are configured to connect to the office WiFi network. | * Inform all employees that the WiFi key has changed and hopefully they will be smart enough to update any devices that are configured to connect to the office WiFi network. | ||
| * Another place where you need to update the WiFi key is any peripherals that are connected to the network, including printers, scanners and cameras. | * Another place where you need to update the WiFi key is any peripherals that are connected to the network, including printers, scanners and cameras. | ||
| - | * With pre-shared key support, you simply revoke the PPSK of employees. | + | * With PPSK support, you simply revoke the PPSK of employees. |
| * Also using one SSID with multiple keys improves bandwidth utilisation and provides a simplified user experience. | * Also using one SSID with multiple keys improves bandwidth utilisation and provides a simplified user experience. | ||
| Line 33: | Line 39: | ||
| * The ability for each device that connects to a single SSID to have a **unique** WPA2 shared key. | * The ability for each device that connects to a single SSID to have a **unique** WPA2 shared key. | ||
| * The ability for each device to be assigned to a predefined VLAN after authentication. | * The ability for each device to be assigned to a predefined VLAN after authentication. | ||
| - | |||
| - | ----------- | ||
| - | |||
| - | ===== RADIUSdesk supports PPSK ===== | ||
| - | * RADIUSdesk also offers support for PPSK. | ||
| - | * With the RADIUSdesk implementation there are two main players involved. | ||
| - | * hostapd must be configured to support PPSK. | ||
| - | * RADIUS must be able to integrate with hostapd' | ||
| - | * These two points are covered in detail on their respective wiki pages. | ||
| ----------- | ----------- | ||
| ===== Why not 802.1x? ===== | ===== Why not 802.1x? ===== | ||
| - | * WPA2 Enterprise | + | * WPA2 Enterprise |
| - | * Certificate | + | * The certificate |
| - | * Not all WiFi devices support | + | * Not all WiFi devices support |
| * Many IOT devices do not support WPA2-Enterprise | * Many IOT devices do not support WPA2-Enterprise | ||
| * Many printers and WiFi cameras do not support WPA2-Enterprise. | * Many printers and WiFi cameras do not support WPA2-Enterprise. | ||
| - | * RADIUSdesk along with MESHdesk and APdesk however also offer WPA2 Enterprise support should you wish to rather implement it instead of Private PSK. | ||
| - | |||
| - | |||