WPA supplicant

From ArmadeusWiki
Revision as of 10:19, 5 April 2013 by JulienB (Talk | contribs) (Usage)

Jump to: navigation, search

When dealing with "strong" encryption of Wi-Fi networks, you have to setup a WPA or WPA2 configuration. To handle the requirements of these protocols during association, a userspace daemon is needed: it is called a "WPA supplicant". The most used one on Linux is wpa_supplicant; we will see here how to install and configure it.

Note Note: wpa_supplicant is also able to handle WEP or unencrypted connections


Installation

  • Done by default if your board supports Wi-Fi connectivity. Otherwise:
$ make menuconfig
Package Selection for the target  --->
    Networking  --->
        [*]   wpa_supplicant
        [ ]     Enable WPA with EAP
        [*]     Install wpa_cli binary
        [*]     Install wpa_passphrase binary

EAP is only needed if you plan to use WPA in Enterprise mode == with a Radius server.

Usage

wpa_supplicant needs a configuration file in /etc/wpa_supplicant.conf. Here is an example (WPA pre-shared key (TKIP)) and for your convience a generic /etc/wpa_supplicant.conf is already installed in the Armadeus BSP for releases > 5.2:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
update_config=1
network={
	ssid="''SSID''"
	scan_ssid=1
	proto=WPA
	key_mgmt=WPA-PSK
	pairwise=TKIP
	psk="''PASSPHRASE''"
}

You can adapt /etc/wpa_supplicant.conf manually or use the wpa_passphrase tool to add your network (SSID/PASSPHRASE) automatically:

 # wpa_passphrase "mynetworkSSID" "mynetworkPASSPHRASE" >> /etc/wpa_supplicant.conf
  • Be sure to have your Wi-Fi chipset driver loaded:
 # modprobe libertas_sdio
or
 # modprobe rt73usb
 # modprobe rt2800_usb
 # modprobe zd1211rw
 # modprobe rtl8187
 # modprobe r8712u
...
  • Bring up the wireless interface:
 # ip link set dev wlan0 up

or (as you prefer):

 # ifconfig wlan0 up
  • Then you can create the Wi-Fi connection with WPA Supplicant:
 # wpa_supplicant -Dwext -i wlan0 -c /etc/wpa_supplicant.conf -B
 # wpa_cli -B -a /etc/wpa_supplicant/wpa_cli-action.sh
 # /etc/wpa_supplicant/wpa_cli-action.sh wlan0 CONNECTED # to force ip renewal if needed

Then you can check your Wi-Fi interface is available:

 # ifconfig wlan0
 wlan0     Link encap:Ethernet  HWaddr 00:xx:xx:xx:xx:xx  
          inet addr:192.168.0.20  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: 2a01:e35:2e35:f60:219:88ff:fe15:4237/64 Scope:Global
          inet6 addr: fe80::219:88ff:fe15:4237/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:80 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:14238 (13.9 KiB)  TX bytes:2797 (2.7 KiB)

And finally to automatically activate your Wi-Fi interface when starting Linux, here is an init script example, to adapt to your Wi-Fi driver (update WIFIDRIVERS in the source) and to place into /etc/init.d/S61wifi (do not forget to give it execution rigths with chmod a+x /etc/init.d/S61Wifi):

#!/bin/sh
#
# Starts wifi services
#
# do not forget to update your wpa_supplicant configuration
# wpa_passphrase "mynetworrssid" "mynetworkpassphrase" >> /etc/wpa_supplicant.conf
# 
export WIFIDRIVERS=libertas_sdio
case "$1" in
	start)
		echo "Starting wifi"
		modprobe $WIFIDRIVERS
		ip link set dev wlan0 up
		wpa_supplicant -Dwext -i wlan0 -c /etc/wpa_supplicant.conf -B
		wpa_cli -B -a /etc/wpa_supplicant/wpa_cli-action.sh
	;;

	stop)
		wpa_cli -i wlan0 disconnect
		wpa_cli -i wlan0 terminate
		ip link set dev wlan0 down
		rmmod -a $WIFIDRIVERS
	;;

	restart)
		$0 stop
		sleep 1
		$0 start
	;;

	*)
		echo "Usage: $0 {start|stop|restart}"
		exit 1
	;;
esac

exit 0

Stop it

To stop WPA Supplicant daemon and switch off the connexion, you can use this command:

 # wpa_cli terminate

or by using the S61wifi script here above:

 # /etc/init.d/S61wifi stop

Links