Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: wpa_supplicant connect to hidden essid

  1. #1
    Join Date
    Oct 2008
    Beans
    58

    wpa_supplicant connect to hidden essid

    I've been struggling for hours to find a way to connect to my wireless router via the command line--the NetworkManager applet connects to it just fine. This is more of a study in how to do it manually because I'm trying to learn how to run Linux without X.

    I have a hidden ESSID encrypted using WPA2-personal.

    Something in the wpa_supplicant debug (-dd) output mentions something about keys not being configured. I guess wpa_supplicant is failing, and hence dhclient fails. Dhclient tries several intervals and then says "No DHCPOFFERS received."

    I generated a psk using wpa_passphrase:
    Code:
    sudo wpa_passphrase MYESSID > /etc/wpa_supplicant/wpa_supplicant.conf
    MYPASSWORD
    This is what my wpa_supplicant.conf looks like:

    Code:
    ctrl_interface=/var/run/wpa_supplicant
    ap_scan=2
    
    network={
    	ssid="MYESSID"
    	scan_ssid=1
    	proto=RSN
    	key_mgmt=WPA-PSK
    	pairwise=CCMP TKIP
    	group=CCMP TKIP
    	psk=SOMELONGSTRING
    }
    I have ap_scan=2 and scan_ssid=1 because I read that you need those variables set that way in order to connect to a hidden network.

    Here's what I do when attempting to create a connection:
    Code:
    sudo ifconfig wlan0 up
    sudo iwconfig wlan0 essid "MYESSID"
    sudo iwlist scan
    sudo wpa_supplicant -B -c/etc/wpa_supplicant/wpa_supplicant.conf -iwlan0
    sudo dhclient wlan0
    Looking at my wpa_supplicant output, I see:
    Code:
    State: DISCONNECTED -> SCANNING
    Trying to associate with SSID 'MYESSID'
    Cancelling scan request
    ...
    No keys have been configured - skip key clearing
    ...
    I've spent hours googling and reading about this problem. I'm stuck. I'd really appreciate any help.

  2. #2
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    I have an Atheros wireless card, which makes things tricky, I guess. I know I'm definitely running ath5k.

    I read that ath5k names the wireless device wlan0, so that's fine. I assume not specifiying -D in wpa_supplicant defaults to the wext driver. I tried -Dmadwifi, but the output said that madwifi isn't supported.

    My guess is that I need to be very picky with how I set up my wpa_supplicant.conf file, but I'm not exactly sure what I need to do.

    Any ideas?

  3. #3
    Join Date
    Oct 2009
    Location
    Tucson, AZ
    Beans
    782
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: wpa_supplicant connect to hidden essid

    Here's your problem:
    Code:
    sudo wpa_passphrase MYESSID > /etc/wpa_supplicant/wpa_supplicant.conf
    won't work because you won't get root access when writing to the file. To get root access for the whole command, run this:
    Code:
    sudo bash -c "wpa_passphrase MYESSID > /etc/wpa_supplicant/wpa_supplicant.conf"
    That will execute the whole command as superuser.

  4. #4
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    I did that, but I'm still running into the same issues: No keys configured, scanning canceled.

    My only guess is that this is a driver problem. -Dwext is the only option that makes an attempt at establishing a connection. I've tried -Dmadwifi and -Dath5k, but both say that those are unsupported, so wpa_supplicant terminates. I know ath5k has been loaded via modprobe.

    I know I didn't make a typo with my password or ssid.

    I notice this in the wpa_supplicant output: "WEXT: cfg80211-based driver detected."

    And also:
    Code:
    EAPOL: SUPP_PAE entering state DISCONNECTED
    EAPOL: KEY_RX entering state NO_KEY_RECEIVE
    EAPOL: SUPP_BE entering state INITIALIZE
    EAP: EAP entering state DISABLED
    Added interface wlan0
    Code:
    State: DISCONNECTED -> SCANNING
    Trying to associate with SSID 'MYESSID'
    Cancelling scan request
    WPA: clearing own WPA/RSN IE
    ...
    WPA: No WPA/RSN IE available from association info
    Code:
    wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)

  5. #5
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    I noticed that the output shows wpa_supplicant is always trying to authenticate with BSSID 00:00:00:00:00:00 but times out each time. No other BSSID's are used.

    This led me to try to grab my BSSID by looking at iwlist scan, and then doing:

    Code:
    sudo iwconfig wlan0 ap ##:##:##:##:##:##
    Then I run iwconfig, but it shows the BSSID didn't save, so I can't test this solution.

    Other things I've noticed:

    When my scan_ssid and ap_scan were set to scan non-hidden networks, wpa_supplicant would scan all my neighbours BSSID's. It also showed mine, but mine had ssid=''. iwlist scan also shows two entries for my router: one with an ssid set and one with a bunch of \x00 null values for the ssid.

    My questions at this point are either (1) how do I get iwconfig to save the AP because I think this might get wpa_supplicant to work; or (2) how should I set my wpa_supplicant.conf to find hidden networks because what it's set to now only finds 00:00:00:00:00:00.

    Thanks. I appreciate any help.

  6. #6
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    Well, I answered my second question myself:

    Code:
    sudo iwlist wlan0 scan essid MYESSID
    That'll get your hidden ESSID to show up in your iwlist scan. Mine shows up when I'm in an X environment by simply doing "iwlist scan," but when I'm out of X, iwlist doesn't find the hidden network. Don't ask me why. I don't know, but the solution to that problem is what I wrote above.

    However, that solution didn't help me. I guess wpa_supplicant doesn't want to pay attention to the iwlist scan results, which I thought it would.

    This still leaves my first question in my previous post unanswered. I'm still unsure of how to set the AP. Whenever I run "sudo iwconfig wlan0 ap ##:##:##:##:##:##", the setting never sticks. iwconfig will continue to show "AP: Not-Associated."

    Right now I'm wondering if I can pipe the iwlist results into wpa_supplicant like this:

    Code:
    sudo bash -c "iwlist wlan0 scan essid MYESSID | wpa_supplicant -B -c/etc/wpa_supplicant/wpa_supplicant.conf -iwlan0"
    I'm going to try that now. I doubt it will work.

    Any other ideas for connecting to a hidden network via the command line and wpa_supplicant?

  7. #7
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    Okay, I feel I'm getting very a close to a solution.

    I did some more reading and found that for a hidden network, you need to add lots of specifics to your wpa_supplicant.conf. Here's what mine looks like:

    Code:
    ap_scan=2
    
    network={
    	ssid="YOURESSID"
    	scan_ssid=1
    	proto=RSN
    	key_mgmt=WPA-PSK
    	pairwise=CCMP
    	group=CCMP
    	psk=YOURPASSWORD
    }
    wpa_supplicant now finds my router's BSSID and tries to associate with it; however, it fails.

    I think this is because wpa_supplicant is finding my router with a null ssid. I mentioned in my very first post how iwlist has a double entry for my router in its results: one with a null ssid and one with an ssid set.

    I also found that you can set bssid in wpa_supplicant.conf, but this doesn't do anything more than the .conf above.

    I'm going to try to just do ssid="" and set my bssid.

  8. #8
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    Attempted ssid of "" and \x00. Both didn't work.

    The closest I've gotten to establishing a connection was with the wpa_supplicant.conf I wrote in my last post. What happens is my computer will try to associate with 00:00:00:00:00:00 a few times, and then wpa_supplicant will find my AP. It will try to associate with that, but then I get "New wireless event. New AP: 00:00:00:00:00:00," which cancels the association with my router and adds it to a blacklist.

    I don't even know why this happens even if I explicitly set the bssid in my .conf.

    What do you guys think?

  9. #9
    Join Date
    Oct 2008
    Beans
    58

    Re: wpa_supplicant connect to hidden essid

    Here's my latest .conf:

    Code:
    filter_ssids=1
    ap_scan=2
    
    network={
    	ssid="REMOVED"
    	scan_ssid=1
    	bssid=REMOVED
    	priority=100
    	mode=0
    	proto=RSN
    	key_mgmt=WPA-PSK
    	auth_alg=OPEN
    	pairwise=CCMP
    	group=CCMP
    	psk=REMOVED
    }
    I get this as output:

    Code:
    Line 1: unknown global field 'filter_ssids=1'.
    Line 1: Invalid configuration line 'filter_ssids=1'.
    Of course no search results online yield anything helpful, so I downloaded the source code from here: http://hostap.epitest.fi/releases/wp...t-0.7.3.tar.gz. Then I did a grep for "unknown global field" and "Invalid configuration."

    Here's a snippet of the relevant section (config_file.c, starting from line 472):

    Code:
    #define NUM_GLOBAL_FIELDS (sizeof(global_fields) / sizeof(global_fields[0]))
    
    
    static int wpa_config_process_global(struct wpa_config *config, char *pos,
    				     int line)
    {
    	size_t i;
    	int ret = 0;
    
    	for (i = 0; i < NUM_GLOBAL_FIELDS; i++) {
    		const struct global_parse_data *field = &global_fields[i];
    		size_t flen = os_strlen(field->name);
    		if (os_strncmp(pos, field->name, flen) != 0 ||
    		    pos[flen] != '=')
    			continue;
    
    		if (field->parser(field, config, line, pos + flen + 1)) {
    			wpa_printf(MSG_ERROR, "Line %d: failed to "
    				   "parse '%s'.", line, pos);
    			ret = -1;
    		}
    		break;
    	}
    	if (i == NUM_GLOBAL_FIELDS) {
    		wpa_printf(MSG_ERROR, "Line %d: unknown global field '%s'.",
    			   line, pos);
    		ret = -1;
    	}
    
    	return ret;
    }
    From what I understand, the "Invalid configuration" error is triggered by the "unknown global field" error, so solving the former solves the latter.

    "Global fields" is a struct defined as:

    Code:
    static const struct global_parse_data global_fields[] = {
    ...
    }
    field_ssids is a field in that struct:

    Code:
    { INT_RANGE(filter_ssids, 0, 1) }
    I don't understand the code very well. My guess is that given a line as input, such as "filter_ssids" or "ap_scan," the function will loop through the global_fields struct looking for that field. If the field is not found in the struct, then the "unknown global field" error is thrown.

    What's confusing me is that I have "filter_ssids" in my .conf and I see "filter_ssids" in the global_fields struct. I've made sure I didn't make a typo.

    I figure if I can filter the scan results to only include my BSSID, I won't have the 00:00:00:00:00:00 problem anymore.

    Anyone see something I don't see? Please....

    ================================================== ==================

    wpa_supplicant -v shows that I have the previous stable version (0.6), not the current stable version (0.7). "filter_ssids" wasn't introduced until 0.7.

    I'm going to try to grab 0.7 and see if that solves all my problems.

    I really hope all my messages have been helpful to someone...
    Last edited by pokeyThePenguin; January 9th, 2011 at 12:23 AM.

  10. #10
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,728
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: wpa_supplicant connect to hidden essid

    Keep working at it, I'm interested in your results. I'm surprised the bssid parameter doesn't work.

    Have you tested if you can connect when your network is unhidden? Just want to make sure the entire wpa authentication/ handshake process is working prior to hiding the access point.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •