Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Hi Sef:
I will update my tutorial immediately and remove the line in question (wpa-conf). Not sure why your version of wpa-supplicant works the way it does, however, it used to be the case that wpa-ap-scan would control the scanning logic of your wireless card (ESSID broadcast enabled vs. disabled).
Again, I'll remove the line from my scripts. I have not found any documentation on it so far.
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
I have updated the HOWTO. Really appreciated your feedback as I have not tried Feisty yet. Still on Dapper which I plan to change soon. :-) So I really depend on your input. Sorry I have not found anything on the "wpa-conf" issues yet, but I will check it out over the weekend or so.
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Just in case you were wondering its the wpa-supplicant that comes with a default upgrade to feisty.
Quote:
Originally Posted by
wieman01
Hi Sef:
I will update my tutorial immediately and remove the line in question (wpa-conf). Not sure why your version of wpa-supplicant works the way it does, however, it used to be the case that wpa-ap-scan would control the scanning logic of your wireless card (ESSID broadcast enabled vs. disabled).
Again, I'll remove the line from my scripts. I have not found any documentation on it so far.
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Quote:
Originally Posted by
sefs
Just in case you were wondering its the wpa-supplicant that comes with a default upgrade to feisty.
Cool. Got it. Hope things will work out for Feisty users from now on. Thanks for your help.
EDIT:
One more question: Why would Feisty users still requires this HOWTO at all? I thought Feisty comes with enhanced wireless support including the support for Static IP and WPA? Just curious... Does the standard install not work for you?
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Hi all !
I think this howto is great. You should update it sometimes like remove the wpa-conf thing ... I think it is much cleaner (you don't need an additional program) and more straight than the network manager. And you can't configure WPA in NM as much as here in /etc/network/interfaces. And the NM works about 90 % of all cases because you can't setup everything in GUI. (extreme cases like WPA1 + WPA2 (mixed) + hidden essid + RADIUS. I don't think you can do it with network manager).
This is my opinion :)
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
it works !!!
Removed "managed"
and put 2 in wpa-ap-scan 2
another thing is that for my router, AES does not work, WPA personal =tkip here
thanks everybody here
Quote:
Originally Posted by
sefs
Hi again.
Weeima01 I want to confirm that WPA1 with AES works. Here is why.
I have a wrt54gl. the ssid broadcast is set to enabled. But I am as confused as you as to why wpa-ap-scan 2 works and wpa-ap-scan 1 does not ... when wpa-ap-scan 1 I cannot connect to the network but when I go wpa-ap-scan 2 I am able to connect. This is very very weird.
I also want to know what "wpa-conf managed" is for. I followed corax's suggestion and commented it out. And what would you know...after restarting the network ... I was back in business again using WPA-Personal which I assume is WPA1 and with AES encryption.
My /etc/network/interfaces now looks like this...
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# This is a list of hotpluggable network interfaces.
# They will be activated automatically by the hotplug subsystem.
mapping hotplug
script grep
map wlan0
# The wireless network interface
iface wlan0 inet static
# General settings
#------------------------------
address 192.168.1.55
netmask 255.255.255.0
network 192.168.1.0
gateway 192.168.1.1
dns-nameservers 205.214.192.201 205.214.192.202 208.67.222.222 208.67.220.220 192.168.254.254
# WPA settings
#------------------------------
wpa-driver wext
wpa-ssid xxxxx
#wpa-conf managed
wpa-ap-scan 2
wpa-proto WPA
wpa-pairwise AES
wpa-group AES
wpa-key-mgmt WPA-PSK
wpa-psk xxxxxxxxxxxxxxxxxxx
auto wlan0
Can you shed some light on why it would wpa-ap-scan 2 works with ssid broadcast enabled and not wpa-ap-scan 1.
Can you also let us know whats this wpa-conf.
and how can I specify infrastructure mode.
While researching wpa_supplicant I saw ppl using the wpa-conf line to specify the path to /etc/wpa_supplicant.conf.
At one point i went this rout and made better progress where it detected the network but could not connect.
Thanks very much.
UPDATE:
I've tried WPA2 Personal on the WRT54GL with these settings ...
Code:
# WPA settings
#------------------------------
wpa-driver wext
wpa-ssid xxxxx
#wpa-conf managed
wpa-ap-scan 1
wpa-proto RSN
wpa-pairwise CCMP
wpa-group CCMP
wpa-key-mgmt WPA-PSK
wpa-psk xxxxxx
now the wpa-ap-scan works when both set to 1 or 2.
So now I'm able to use WPA2 with AES.
Discussions on WPA+AES and WPA2+AES ect... it sounds rather confusing (AES was apprently added to WPA1 as an afterthought?)
http://www.dslreports.com/forum/remark,12691890
http://forums.practicallynetworked.c...ead.php?t=7119
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
I wasn't aware of that. I will have to investigate that and see. I took a cursory glance at NM after upgrading to feisty immediately looking for the static IP support but I must have missed it so I removed it immediately to go back to what I knew was working (this tutorial). I'll have to reinstall NM to take a closer look.
Quote:
Originally Posted by
wieman01
Cool. Got it. Hope things will work out for Feisty users from now on. Thanks for your help.
EDIT:
One more question: Why would Feisty users still requires this HOWTO at all? I thought Feisty comes with enhanced wireless support including the support for Static IP and WPA? Just curious... Does the standard install not work for you?
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Quote:
Originally Posted by
corax
Hi all !
I think this howto is great. You should update it sometimes like remove the wpa-conf thing ... I think it is much cleaner (you don't need an additional program) and more straight than the network manager. And you can't configure WPA in NM as much as here in /etc/network/interfaces. And the NM works about 90 % of all cases because you can't setup everything in GUI. (extreme cases like WPA1 + WPA2 (mixed) + hidden essid + RADIUS. I don't think you can do it with network manager).
This is my opinion :)
If you have suggestions as to how we can improve this thread, you are welcome to post them here. It will be nice to keep this thread alive. I have removed that "wpa-conf" stanza in the meantime.
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Well, I have just tried Feisty Kubuntu (actually I am writing this while running the LiveCD) and I must say it is beautiful. More than that I had no problems whatsoever connecting to my local wireless network (Static IP, ESSID broadcast disabled) without installing any additional software packages. I am impressed... Having said that the new version of Ubuntu pretty much renders this thread unnecessary. Eventually!
EDIT:
On a Sony Vaio with Intel IPW2200 B/G that is.
Re: HOWTO: Wireless Security - WPA1, WPA2, LEAP, etc.
Quote:
Originally Posted by
wieman01
For WPA1 my example would look like this:
I have never bothered to setup wpa_supplicant outside of "interfaces" because I don't think it is nice. So I cannot give you any advice there. However, I am having a similar issue as you whereby I need to initialize my wireless network at startup, then immediately bring it down & restart it. For some reason the network would remain disconnected if I did not restart it.
So my advice is to follow post #2 and restart the network during the boot process. Not sure if this is a bug but I have not found a solution ever since.
actually, here's how you create your /etc/wpa_supplicant.conf file:
Code:
wpa_passphrase <network essid> <network password>
then some text comes up that's like
Code:
network={
ssid="ssid"
#psk="password"
psk=q45kl3j45;l3kj45h345lkj34h5;l2k3j45k3j4l5;h34j5
}
so, you copy that psk, then do
Code:
sudo gedit /etc/wpa_supplicant.conf
and type (copy & paste) this:
Code:
ctrl_interface=/var/run/wpa_supplicant
ap_scan=1
network={
ssid="yourNetworkSsid"
scan_ssid=1
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP
group=CCMP
psk=blah-;kljl23j4h2l3kj4h2l34h23lk4j23hl4h-blah
}
i have wpa2 with ipw2200 and wext, so you might need to change ap_scan, proto, pairwise, and group to match your network settings ... hope this helps!