Results 1 to 4 of 4

Thread: Wi-Fi security with a wide variety of devices

  1. #1
    Join Date
    Jun 2006
    Location
    Northern Ireland
    Beans
    274
    Distro
    Lubuntu 13.10 Saucy Salamander

    Wi-Fi security with a wide variety of devices

    I have been running my wi-fi network on a WEP key for some time. I know it's considered to be very poor security but, so far, I haven't noticed any problems. Today I bought a new inexpensive Android tablet and it appears to be having some difficulty connecting via WEP so I'm thinking of upgrading to WPA2. I'm also thinking that I might as well do the job properly and this is the reason for this post. How much effort is justified for a secure WPA2 setup? My first question was "What's the difference between a passphrase and a key?" After some research I believe I have the answer. The sequence of characters used as a "key" is actually a passphrase. The real key is generated by the device and the user never sees it. Other comments I discovered say that the passphrase should be a random sequence and preferably much longer than the 8 to 10 characters commonly associated with broadband routers as supplied by ISPs such as BT and TalkTalk.

    So here is the topic for discussion. If the pre-shared key (correction - passphrase) is a long sequence of random characters, how do I go about distributing it to all my wi-fi devices. Computers are easy... just store it on a usb flash drive or CD or floppy disc as required, but what about smartphones and tablets and printers and smart TVs? Does anybody like the idea of typing this
    Code:
    nDnctzRPUsPXiHF802aAJQUtZ6VqLjbvpcwWKyCTO3vRqC4IcW6nYJJseOrfKCG

    on an onscreen keyboard using a remote control? It gets even more interesting if the characters are hidden as they are typed.
    Toshiba L300 + netbooks etc.
    Experience: MSDOS 3.3..6.22; Windows 3.0, 3.11, 95, 98, XP,7; Linux - dual boot with Windows.
    In any completed construction project, at least 50% of the cost and effort goes to building the box to put it in.

  2. #2
    Join Date
    Jun 2010
    Location
    London, England
    Beans
    6,972
    Distro
    Ubuntu Development Release

    Re: Wi-Fi security with a wide variety of devices

    Wireless key - wireless pass phrase - WPA-PSK key. There are all the same to me. May be you are reading too much into these names. May be I am reading too little. But as far as I am concerned it is the 10 digit set of alpha-numeric characters that act as a password to give encrypted transmission and receiving between my computer and router.

    The wireless key should already be in the wireless access point (router). We can change the particular set of characters if we enter the setup program of the wireless access point. But to connect a device to a wireless access point that is set for WPA2 encryption we need to know the pass phrase and we need to enter that combination of characters into whatever network manager utility the device's OS has.

    Does that Android device allow WPA2 encrypted transmission and receiving? You may not need to install WPA Supplicant. It may already be there.

    http://en.wikipedia.org/wiki/Wpa_supplicant

    Regards.
    Last edited by grahammechanical; August 8th, 2014 at 03:06 PM.
    It is a machine. It is more stupid than we are. It will not stop us from doing stupid things.
    Ubuntu user #33,200. Linux user #530,530


  3. #3
    Join Date
    Dec 2005
    Location
    Western Australia
    Beans
    11,478
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Wi-Fi security with a wide variety of devices

    You might be taking things a bit too far. Ten characters as a passphrase, as long as it's a fairly secure passphrase, will be plenty sufficient.

    It's possible to create a pretty secure passphrase that is memorable. Don't forget, a passphrase can have (and should have) symbols.

    Internally, your passphrase will be converted to a key by every device. A nice, secure, long key for the actual encryption.
    I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.

  4. #4
    Join Date
    Jun 2006
    Location
    Northern Ireland
    Beans
    274
    Distro
    Lubuntu 13.10 Saucy Salamander

    Re: Wi-Fi security with a wide variety of devices

    Thanks to you both for your replies. From what you say and the lack of other comments, it seems that most people are happy with the 8 to 10 character passphrase and websites such as this

    https://www.grc.com/passwords.htm

    are much too paranoid.

    In the meantime I decided to proceed with the change to WPA2 and see what the consequences were. I selected a random 8 character passphrase which would be easy to type on any device. First result - the new tablet works fine. All my linux PCs have no problem with the change but Windows 7 thinks it's more important to tell me about the protocol change than to ask for the new passphrase. I had to manually reset the protocol before I could connect. I don't like "helpful" software. My older Android tablet and my Android phone and my smart TV also connected without difficulty (using the short passphrase). With the exception of the printer, none of them appeared to use the option of WPS and it hasn't worked with the printer so far, maybe because the printer is positioned close to the limit of the wireless range.

    The first serious issue I encountered was with the eeebox B202 which is attached to the back of my 32" smart TV. Wi-Fi is currently the only practical networking option. Ethernet is possible but it requires the temporary dismantling of another part of the network. The B202 is currently running linux mint 11 and the built in Wi-Fi gives just enough performance to play avi files over the network which is its main function. Changing to WPA2 seems to have degraded the performance just enough to make that function unworkable. So I started looking at other options. An alternative Wi-Fi adapter produces no improvement with mint 11 but works much better with mint 17 started from a usb stick. It appears that lubuntu 14.04 won't handle my Wi-Fi adapters without a software update, which requires ethernet of course. Why would they do that? There were, of course, screen resolution issues and automounting issues and unfamiliar software issues. I really, really don't appreciate "helpful" software.

    In conclusion, it appears that using WPA2 requires upgrading the B202 to Mint 17 (mate) or Lubuntu 14.04 or maybe something else. And all of this because I bought a new Android tablet.
    Toshiba L300 + netbooks etc.
    Experience: MSDOS 3.3..6.22; Windows 3.0, 3.11, 95, 98, XP,7; Linux - dual boot with Windows.
    In any completed construction project, at least 50% of the cost and effort goes to building the box to put it in.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •