hostapd with psk-file

I tried to make hostapd use a separate psk-file, with a different PSK per MAC-address. On Debian the file is called /etc/hostapd/wpa_psk and according to /etc/hostapd/hostapd.conf:

# Optionally, WPA PSKs can be read from a separate text file (containing list
# of (PSK,MAC address) pairs. This allows more than one PSK to be configured.

This is fucking WRONG. The file-format is not documented anywhere else, and the above is utterly bogus. The file has to look like this:
00:00:00:00:00:00 somepskstring

The 00:00:00:00:00:00 of course would have to be replaced by a real MAC-address. The MAC-address all zeroed out might signify a wildcard, but then, this isn’t documented either.
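A quick way to catch the swapped-order mistake before restarting hostapd is to lint the file. The sketch below is an added example, not part of hostapd or of the original post; it assumes the plain two-field "MAC PSK" layout shown above and the standard WPA key limits (8 to 63 printable ASCII characters, or 64 hex digits). The function name check_psk_file and the sample entries are made up for illustration.

```python
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")
HEX_PSK_RE = re.compile(r"^[0-9A-Fa-f]{64}$")
ALL_ZERO_MAC = "00:00:00:00:00:00"


def check_psk_file(text):
    """Return (entries, problems) for the 'MAC PSK' layout shown above."""
    entries, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no key material
        # The MAC is the first field; everything after the first space is the
        # PSK, so passphrases containing spaces survive intact.
        mac, sep, psk = line.partition(" ")
        if not sep or not MAC_RE.match(mac):
            problems.append((lineno, "expected '<MAC> <PSK>' with the MAC first"))
            continue
        # WPA passphrase: 8..63 printable ASCII chars, or a 64-hex-digit raw key.
        is_pass = 8 <= len(psk) <= 63 and all(32 <= ord(c) <= 126 for c in psk)
        if not (is_pass or HEX_PSK_RE.match(psk)):
            problems.append((lineno, "PSK must be 8..63 ASCII chars or 64 hex digits"))
            continue
        if mac == ALL_ZERO_MAC:
            # Still a usable entry, but not a per-device key: flag it for review.
            problems.append((lineno, "all-zero MAC: PSK is not tied to one device"))
        entries.append((mac.lower(), psk))
    return entries, problems


# Constructed sample input (MAC addresses and keys are invented).
SAMPLE = """\
# per-device keys
02:11:22:33:44:55 correct horse battery
somepskstring 02:11:22:33:44:66
02:11:22:33:44:77 short
00:00:00:00:00:00 somepskstring
"""

if __name__ == "__main__":
    entries, problems = check_psk_file(SAMPLE)
    for lineno, msg in problems:
        print(f"line {lineno}: {msg}")
    print(f"{len(entries)} usable entries")
```
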

By the way, if you do not want it bloody bridged, you need to set up the interface just like normal in /etc/network/interfaces, and take care that it’s served by dhcp and has appropriate firewall-rules.
