services.hostapd.radios.<name>.networks.<name>.authentication.enableRecommendedPairwiseCiphers
Additionally enable the recommended set of pairwise ciphers.
This enables newer secure ciphers, additionally to those defined in pairwiseCiphers.
You will have to test whether your hardware supports these by trial-and-error, because
even if iw list indicates hardware support, your driver might not expose it.
Beware hostapd will most likely not return a useful error message in case
this is enabled despite the driver or hardware not supporting the newer ciphers.
Look out for messages like Failed to set beacon parameters.
- Type
boolean- Default
false- Example
true- Declared
- <nixpkgs/nixos/modules/services/networking/hostapd.nix>