LinuxCommandLibrary

hostapd

Create wireless access point

TLDR

Start an access point

$ sudo hostapd [path/to/hostapd.conf]
copy

Start an access point, forking into the background
$ sudo hostapd -B [path/to/hostapd.conf]
copy

SYNOPSIS

hostapd [ -dddtv ] [ -P pidfile ] [ -e entropy file ] configuration_file

PARAMETERS

-d
    Enable debugging.

-dd
    Enable more debugging.

-ddd
    Enable even more debugging.

-t
    Include timestamp in debug messages.

-v
    Show version information.

-P pidfile
    Specify the PID file.

-e entropy file
    Specify the entropy file.

configuration_file
    The path to the hostapd configuration file.

DESCRIPTION

hostapd is a user space daemon for creating IEEE 802.11 access points. It handles authentication, association, and beaconing. It's commonly used to turn a Linux machine with a wireless network interface card (WNIC) into a Wi-Fi hotspot.

hostapd supports various security protocols, including WPA, WPA2, and WPA3, both in Personal (PSK) and Enterprise (EAP) modes. It interacts with the WNIC driver to manage wireless clients and their encryption keys. Configuration is primarily done through a configuration file, allowing for flexible customization of the access point's behavior.

It is essential to set up correct interface configuration on the Linux host with IP addresses (usually through DHCP) and routing. hostapd then handles setting up the 802.11 and authentication layers to manage client connections.

CAVEATS

Proper driver support for the WNIC is crucial for hostapd to function correctly. Some drivers may have limitations regarding supported features or security protocols. The configuration file must be carefully configured to avoid security vulnerabilities.

CONFIGURATION FILE

The configuration file dictates hostapd's behavior. It defines parameters such as the SSID, channel, security protocol, passphrase, and interface to use. Refer to the hostapd.conf documentation for detailed configuration options.

SECURITY CONSIDERATIONS

Always use strong passwords and WPA2/WPA3 for secure wireless networks. Regularly update hostapd to patch security vulnerabilities. Consider using a firewall to restrict access to the access point.

HISTORY

hostapd was created by Jouni Malinen and has been under active development for many years. It's widely used in embedded systems, routers, and Linux-based access points. Originally part of the wpa_supplicant project, it was later separated into its own project to provide dedicated access point functionality.

SEE ALSO

wpa_supplicant(8), iwconfig(8), ifconfig(8), iw(1)

Copied to clipboard