Using WPA without wpa_supplicant? - Debian

This is a discussion on Using WPA without wpa_supplicant? - Debian ; I get the impression that, among other services (like choosing an access point and setting your keys, etc. for it), the big feature of wpa_supplicant is that it provides software WPA for cards that don't support it in their hardware. ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: Using WPA without wpa_supplicant?

  1. Using WPA without wpa_supplicant?

    I get the impression that, among other services (like choosing an access
    point and setting your keys, etc. for it), the big feature of
    wpa_supplicant is that it provides software WPA for cards that don't
    support it in their hardware.

    In my case, I have hardware that *does* have WPA on the card, and
    wpa_supplicant doesn't seem to be pairing up with my AP. So, I wanted to
    use the WPA built into the card. What tools do I use to set the key for
    WPA? Do I use the same ones as for WEP (like iwconfig), or what?

    - Joe


    --
    To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  2. Re: Using WPA without wpa_supplicant?

    On October 19, 2005 02:17 am, Frank wrote:
    > I don't believe you have to use anything besides what wireless-tools
    > provides for every card.
    > I am using WPA with my ralink based card with the following entry
    > in /etc/network/interfaces:


    > iface eth1 inet dhcp
    > pre-up ifconfig eth1 up
    > pre-up iwpriv eth1 set AuthMode=WPAPSK
    > pre-up iwpriv eth1 set EncrypType=TKIP
    > pre-up iwconfig eth1 essid "youressid"
    > pre-up iwpriv eth1 set WPAPSK="yourkey"


    > I don't even have wpa_supplicant installed.
    > If you need any additional info, just ask.


    Interesting. What's the iwpriv command? It's not present on my unstable
    system. But, then, I don't use any of the wireless tools, so it's
    probably part of that package.

    I prefer the wpa_supplicant approach, as I can then treat my wireless and
    wired interfaces the same, using the same ifconfig/dhclient commands.
    Don't have to worry about any iwpriv commands, setting the ssid, keys,
    etc. And wpa_supplicant.conf supports multiple network configs (mine
    currently has 5 networks in there, so I can connect to the library,
    coffee shops, home, or office wireless networks without any extra work),
    where it will connect to the first AP that matches one of the network
    blocks (with a user priority setting if there are multiple matches).

    TMTOWTDI, I guess.

    The really nice thing about wpa_supplicant, is that I get all the benfits
    of the bazillion different wireless profile managers out there, but with
    full WEP and WPA support (haven't found any that support WPA), and only a
    single text file to edit (no GUI needed). And it's portable across
    Linux and FreeBSD, which is a major boon to me, being a FreeBSD user at
    heart and at home (I only use Debian because of work). Plus, it works
    with any WPA-enabled NIC.

    --
    Freddie Cash, CCNT CCLP Helpdesk / Network Support Tech.
    School District 73 (250) 377-HELP [377-4357]
    fcash-ml@sd73.bc.ca


    --
    To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  3. Re: Using WPA without wpa_supplicant?

    Am Mittwoch, 19. Oktober 2005 20:06 schrieb Freddie Cash:
    > Interesting. What's the iwpriv command? It's not present on my unstable
    > system. But, then, I don't use any of the wireless tools, so it's
    > probably part of that package.


    Yes, it is part of that package. Description from man page:
    iwpriv - configure optionals (private) parameters of a wireless network
    interface

    > I prefer the wpa_supplicant approach, as I can then treat my wireless and
    > wired interfaces the same, using the same ifconfig/dhclient commands.


    I also treat them the same! Of course you can use ifconfig/dhclient to
    configure your network interfaces, but a better (?) approach is to specify
    all your network settings in /etc/network/interfaces and then use "ifup" and
    "ifdown" to bring your devices up and down. This is, what the standard Debian
    network tools do.

    > Don't have to worry about any iwpriv commands, setting the ssid, keys,
    > etc.


    I don't either, they are just in the conf file (and furthermore: not another
    conf file, but the normal networking one).

    > And wpa_supplicant.conf supports multiple network configs (mine
    > currently has 5 networks in there, so I can connect to the library,
    > coffee shops, home, or office wireless networks without any extra work),
    > where it will connect to the first AP that matches one of the network
    > blocks (with a user priority setting if there are multiple matches).


    I am pretty sure, that this is possible, although I am not using it.
    If you don't know ifup, ifdown and the network configuration
    file /etc/network/interfaces, I recommend looking at "man interfaces", it
    simplifies a lot and is quite standard (on Linux anyways).

    > TMTOWTDI, I guess.
    >
    > The really nice thing about wpa_supplicant, is that I get all the benfits
    > of the bazillion different wireless profile managers out there, but with
    > full WEP and WPA support (haven't found any that support WPA), and only a
    > single text file to edit (no GUI needed). And it's portable across
    > Linux and FreeBSD, which is a major boon to me, being a FreeBSD user at
    > heart and at home (I only use Debian because of work). Plus, it works
    > with any WPA-enabled NIC.


    Yes, I am not saying it is bad. But the poster asked about non-wpa_supplicant
    ways of doing this, if the wireless card supports it.
    I am not sure at all, that "my" procedure works for any card. I just like it
    better like that and it works for me :-)


    --
    To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  4. Re: Using WPA without wpa_supplicant?

    Hello,

    Am Mittwoch, 19. Oktober 2005 11:17 schrieb Frank:
    > I don't believe you have to use anything besides what wireless-tools
    > provides for every card.
    > I am using WPA with my ralink based card with the following entry
    > in /etc/network/interfaces:
    >
    > iface eth1 inet dhcp
    > pre-up ifconfig eth1 up
    > pre-up iwpriv eth1 set AuthMode=WPAPSK
    > pre-up iwpriv eth1 set EncrypType=TKIP
    > pre-up iwconfig eth1 essid "youressid"
    > pre-up iwpriv eth1 set WPAPSK="yourkey"
    >
    > I don't even have wpa_supplicant installed.
    > If you need any additional info, just ask.


    It depends. Some cards (like my ipw2100) don't have any interesting iwpriv
    controls, while others (as yours, as mine PrismII) have a lot.
    As long as you are referering to wpa as wpa-psk, you'll surely find some cards
    implementing TKIP, etc. in firmware (as yours) and you surely find some who
    don't.
    If you're looking at other wpa standards (like wpa-radius, etc.) the wpa
    clients must handle varous keystores, trust dbs, etc. and I'ven't seen any
    card, that's able to do that - for good reasons.

    Keep smiling
    yanosz


    --
    To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  5. Re: Using WPA without wpa_supplicant?

    Hi,

    I've a related question.


    Le 13076ième jour après Epoch,
    Jan Luehr écrivait:

    > Hello,
    >
    > Am Mittwoch, 19. Oktober 2005 11:17 schrieb Frank:
    >> I don't believe you have to use anything besides what wireless-tools
    >> provides for every card.
    >> I am using WPA with my ralink based card with the following entry
    >> in /etc/network/interfaces:
    >>
    >> iface eth1 inet dhcp
    >> pre-up ifconfig eth1 up
    >> pre-up iwpriv eth1 set AuthMode=WPAPSK
    >> pre-up iwpriv eth1 set EncrypType=TKIP
    >> pre-up iwconfig eth1 essid "youressid"
    >> pre-up iwpriv eth1 set WPAPSK="yourkey"
    >>
    >> I don't even have wpa_supplicant installed.
    >> If you need any additional info, just ask.

    >
    > It depends. Some cards (like my ipw2100) don't have any interesting iwpriv
    > controls, while others (as yours, as mine PrismII) have a lot.
    > As long as you are referering to wpa as wpa-psk, you'll surely find some cards
    > implementing TKIP, etc. in firmware (as yours) and you surely find some who
    > don't.
    > If you're looking at other wpa standards (like wpa-radius, etc.) the wpa
    > clients must handle varous keystores, trust dbs, etc. and I'ven't seen any
    > card, that's able to do that - for good reasons.


    My card (ipw2200 driver) doesn't have the WPA iwpriv capabilities, so
    I should use some supplicant.

    But I can't. I use whereami as a network auto configuration tool, and
    all works perfectly. whereami is a great job!

    But wpa_supplicant do some stuff that breaks my whereami config. And
    I'm unable to use both tools.

    Did somebody have some ideas for using whereami and WPA ?

    Thanks in advance.

  6. Re: Using WPA without wpa_supplicant?

    Hello,

    Am Freitag, 21. Oktober 2005 14:56 schrieb François TOURDE:
    > Hi,
    >

    [...]
    > My card (ipw2200 driver) doesn't have the WPA iwpriv capabilities, so
    > I should use some supplicant.
    >
    > But I can't. I use whereami as a network auto configuration tool, and
    > all works perfectly. whereami is a great job!
    >
    > But wpa_supplicant do some stuff that breaks my whereami config. And
    > I'm unable to use both tools.
    >
    > Did somebody have some ideas for using whereami and WPA ?


    Can you be more verbose? What do you mean by "breaks my config"? Imho
    wpa_supplicant doesn't change any interface settings. (If you are refering to
    settings made by ifconfig or dhclient, etc.)

    Keep smiling
    yanosz

  7. Re: Using WPA without wpa_supplicant?

    Le 13077ième jour après Epoch,
    Jan Luehr écrivait:

    > Hello,
    >
    > Am Freitag, 21. Oktober 2005 14:56 schrieb François TOURDE:
    >> Hi,
    >>

    > [...]
    >> My card (ipw2200 driver) doesn't have the WPA iwpriv capabilities, so
    >> I should use some supplicant.
    >>
    >> But I can't. I use whereami as a network auto configuration tool, and
    >> all works perfectly. whereami is a great job!
    >>
    >> But wpa_supplicant do some stuff that breaks my whereami config. And
    >> I'm unable to use both tools.
    >>
    >> Did somebody have some ideas for using whereami and WPA ?

    >
    > Can you be more verbose? What do you mean by "breaks my config"? Imho
    > wpa_supplicant doesn't change any interface settings. (If you are refering to
    > settings made by ifconfig or dhclient, etc.)


    Sorry, i'll try to be more verbose.

    As I can remember (I've apt-get remove'd wpa_supplicant),
    wpa_supplicant changes the iwconfig of my card, and try to detect
    which AP is present.

    On some case, it down/up the link, then ifplugd report a link beat
    lost/detected, and launch whereami again, so I loose connection.

    I'll reinstall wpa_supplicant to make more tests and come back here
    with more details

    > Keep smiling


    I'll try

    Thanks for reply.

  8. Re: Using WPA without wpa_supplicant?

    Le 13077ième jour après Epoch,
    François TOURDE écrivait:

    > Sorry, i'll try to be more verbose.
    >
    > As I can remember (I've apt-get remove'd wpa_supplicant),
    > wpa_supplicant changes the iwconfig of my card, and try to detect
    > which AP is present.
    >
    > On some case, it down/up the link, then ifplugd report a link beat
    > lost/detected, and launch whereami again, so I loose connection.
    >
    > I'll reinstall wpa_supplicant to make more tests and come back here
    > with more details


    I've reinstalled wpa_supplicant, but I'm not able to give more infos.

    What's appening:

    1) I reinstall and relaunch wpa_supplicant, with ap_scan=0, and only
    one network={} entry

    2) I'm on a non wpa wifi ap

    3) I lost the link (don't know why)

    4) I recover the link (don't know why...)

    5) whereami re-setup the SSID during a 'testap' function

    6) dhclient is unable to obtain an IP

    7) looking on iwconfig, I see:

    mersenne:~# iwconfig eth1
    eth1 unassociated ESSID:"Tourde-WAP54G"
    Mode:Managed Channel=0 Access Point: 00:00:00:00:00:00
    ....

    If I stop wpa_supplicant, the link comes up again, and all is working
    good...

    I don't know how to diagnose the problem.

    Any help for using whereami and wpa_supplicant is welcome.

  9. Re: Using WPA without wpa_supplicant?

    Hi Franois!

    On Sat, 22 Oct 2005, Franois TOURDE wrote:

    >1) I reinstall and relaunch wpa_supplicant, with ap_scan=0, and only
    > one network={} entry


    Try this config:

    # wpa_supplicant.conf
    ctrl_interface=/var/run/wpa_supplicant
    ctrl_interface_group=0
    eapol_version=1
    ap_scan=1
    fast_reauth=1
    network={
    ssid="YOURESSID"
    proto=WPA
    key_mgmt=WPA-PSK
    pairwise=CCMP TKIP
    group=CCMP TKIP WEP104 WEP40
    priority=9
    psk=
    }

    And disable wpa_supplicant in /etc/default.
    Add the following in your /etc/network/interfaces:

    # The primary network interface
    iface eth1 home dhcp
    #
    ## WEXT
    # pre-up /usr/sbin/wpa_supplicant -D wext -i eth1 -c /etc/wpa_supplicant.conf -Bw
    #
    pre-up /usr/sbin/wpa_supplicant -i eth1 -D ipw -c/etc/wpa_supplicant.conf -Bw
    post-down killall -q wpa_supplicant

    wireless-mode managed
    wireless-essid any

    Be sure, that /etc/network/netsheme contains the mentioned "home" above:

    #!/bin/bash
    # /etc/network/netsheme for WPASupplicant
    locations=$(whereami --mapping)

    if [[ "$locations" == *home* ]]
    then
    echo "home"
    elif [[

    (...)

    Sometimes the driver "wext" in /etc/network/interfaces gives better results.
    For ipw you could give it a try.

    >3) I lost the link (don't know why)


    Seems, that the driver can't authenticate. (?) Try calling wpa_supplicant by
    hand and with -d.

    >6) dhclient is unable to obtain an IP
    >7) ...

    Of course, if you can't associate, you won't get a ip.

    Works here well....
    --
    Regards, GR | GnuPG-key: mail -s 'get gpg-key'
    Ferienwohnungen an der Ostsee | ICQ: 146212092
    http://blog.emmily.com | Yahoo: gee_ghost


    --
    To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  10. Re: Using WPA without wpa_supplicant?

    Franois TOURDE wrote:

    > Le 13077ime jour aprs Epoch,
    > Jan Luehr crivait:
    >
    >> Am Freitag, 21. Oktober 2005 14:56 schrieb Franois TOURDE:
    >>>

    >> [...]
    >>> My card (ipw2200 driver) doesn't have the WPA iwpriv capabilities, so
    >>> I should use some supplicant.

    ....
    >>> Did somebody have some ideas for using whereami and WPA ?

    >>
    >> Can you be more verbose? What do you mean by "breaks my config"? Imho
    >> wpa_supplicant doesn't change any interface settings. (If you are
    >> refering to settings made by ifconfig or dhclient, etc.)

    >
    > As I can remember (I've apt-get remove'd wpa_supplicant),
    > wpa_supplicant changes the iwconfig of my card, and try to detect
    > which AP is present.
    >
    > On some case, it down/up the link, then ifplugd report a link beat
    > lost/detected, and launch whereami again, so I loose connection.
    >

    That sounds like exactly the sort of situation that ifplugd's -d and -u
    options are intended to resolve. Increase the value of -d to prevent
    ifplugd seeing wpa_supplicant drop the link-beat, or increase the value of
    -u to prevent ifplugd trying to bring the connection up until
    wpa_supplicant is finished. Alternatively, you might need to turn off
    ifplugd for the wireless interface, and use waproamd - but I haven't
    experimented with waproamd, so I'm not sure it's better.
    --
    derek


    --
    To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  11. Re: Using WPA without wpa_supplicant?

    Hi Goran.

    Thanks for your config sample, but it seems to be very different from
    what I want to do.

    What I try to obtain is that the main level process is whereami, which
    one determine which network is present, then execute correct actions.

    Le 13078ième jour après Epoch,
    Goran Ristic écrivait:

    > Hi François!
    >

    [...]
    > # The primary network interface
    > iface eth1 home dhcp
    > #
    > ## WEXT
    > # pre-up /usr/sbin/wpa_supplicant -D wext -i eth1 -c /etc/wpa_supplicant.conf -Bw
    > #
    > pre-up /usr/sbin/wpa_supplicant -i eth1 -D ipw -c/etc/wpa_supplicant.conf -Bw
    > post-down killall -q wpa_supplicant
    >
    > wireless-mode managed
    > wireless-essid any
    >
    > Be sure, that /etc/network/netsheme contains the mentioned "home" above:
    >
    > #!/bin/bash
    > # /etc/network/netsheme for WPASupplicant
    > locations=$(whereami --mapping)
    >
    > if [[ "$locations" == *home* ]]
    > then
    > echo "home"
    > elif [[
    >


    My /etc/network/interface contains only:

    auto lo
    iface lo inet loopback
    iface eth0 inet manual
    iface eth1 inet manual
    wireless_essid any
    wireless_mode Managed

    and it's enough for wired/wireless auto adaptation.

    > Sometimes the driver "wext" in /etc/network/interfaces gives better results.
    > For ipw you could give it a try.


    I'll try.

    > Seems, that the driver can't authenticate. (?) Try calling wpa_supplicantby
    > hand and with -d.


    This test was made on a *non* wpa network. So there is no reason for
    loosing the link. It's what I want to understand.

    >>6) dhclient is unable to obtain an IP
    >>7) ...

    > Of course, if you can't associate, you won't get a ip.


    Sure .. I was only trying to describe the order of events.

    Many thanks for your answer. I'll shuffle and aggregate all replies,
    then tell all what solution (If I found one) I use.

  12. Re: Using WPA without wpa_supplicant?

    Le 13078ième jour après Epoch,
    Derek Broughton écrivait:

    > That sounds like exactly the sort of situation that ifplugd's -d and -u
    > options are intended to resolve. Increase the value of -d to prevent
    > ifplugd seeing wpa_supplicant drop the link-beat, or increase the value of
    > -u to prevent ifplugd trying to bring the connection up until
    > wpa_supplicant is finished. Alternatively, you might need to turn off
    > ifplugd for the wireless interface, and use waproamd - but I haven't
    > experimented with waproamd, so I'm not sure it's better.


    The problem is that I don't know why wpa_supplicant is altering the
    link status on a *non* wpa network, and on a *non* declared SSID on
    the config file.

    ifplugd only report up/down, but the -d/u values are enough for it to
    not relaunch whereami.

    Thanks for replying.

  13. Re: Using WPA without wpa_supplicant?

    Hi Andrew,

    Le 13078ième jour après Epoch,
    Andrew McMillan écrivait:

    > While I don't normally use WPA, I did have to at Debconf this year and
    > added some script to whereami at that point to try and be useful with
    > wpa_supplicant.
    >
    > I'm happy to help you through the problem, if you haven't sorted it out
    > yourself. If you have sorted it out, it would be useful to understand
    > the approach you have taken.


    I think you will win on this challenge

    I've tried some WPA-PSK configs with wpa_supplicant, and all what I
    can have is:

    Oct 22 17:30:49 mersenne kernel: ipw2200: Firmware error detected. Restarting.
    Oct 22 17:31:20 mersenne last message repeated 10 times
    Oct 22 17:32:23 mersenne last message repeated 21 times
    Oct 22 17:33:24 mersenne last message repeated 20 times
    Oct 22 17:34:24 mersenne last message repeated 20 times
    Oct 22 17:34:25 mersenne dhclient: receive_packet failed on eth1: Network is down

    I've the 1.0.4-1 firmware for my ipw2200 card, so I will try (later)
    the new one.

    I'm interested by your scripts using wpa_supplicant, it can be very
    usefull when I will upgrade to 1.0.6 ipw2200 driver.

    Thanks for you reply... and good job for whereami ... je ne peux plus
    m'en passer

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQBDWmnSjaoyFt0zqSURAlzIAKCqTnO0jpJu9yj8ljI8XX zlIxufhACeLjhw
    /GAAf/SeowySwdylcVshl9g=
    =s4lV
    -----END PGP SIGNATURE-----

  14. Re: Using WPA without wpa_supplicant?

    On Sat, 2005-10-22 at 18:33 +0200, François TOURDE wrote:
    >
    > I think you will win on this challenge
    >
    > I've tried some WPA-PSK configs with wpa_supplicant, and all what I
    > can have is:
    >
    > Oct 22 17:30:49 mersenne kernel: ipw2200: Firmware error detected. Restarting.
    > Oct 22 17:31:20 mersenne last message repeated 10 times
    > Oct 22 17:32:23 mersenne last message repeated 21 times
    > Oct 22 17:33:24 mersenne last message repeated 20 times
    > Oct 22 17:34:24 mersenne last message repeated 20 times
    > Oct 22 17:34:25 mersenne dhclient: receive_packet failed on eth1: Networkis down
    >
    > I've the 1.0.4-1 firmware for my ipw2200 card, so I will try (later)
    > the new one.
    >
    > I'm interested by your scripts using wpa_supplicant, it can be very
    > usefull when I will upgrade to 1.0.6 ipw2200 driver.


    I guess the first thing would be to try using the testsupplicant script
    in whereami >0.3.23 or so.

    wpa_supplicant is (along with every other thing :-) trying to manage all
    networks, so the testsupplicant script:
    - sets the card to encrypted, key ff-ffff-ffff, open.
    - brings the interface up.
    - starts wpa_supplicant (or reloads it if it is currently running).
    - keeps looking to see if encryption is enabled within 15 seconds
    - either succeeds of gives up.

    Some things I don't know and would like to work out with this script:
    - Should it use wpa_cli to figure if wpa_supplicant succeeds?
    - Should it stop wpa_supplicant if it fails?
    - Is 15 seconds long enough?

    Regards,
    Andrew McMillan.

    -------------------------------------------------------------------------
    Andrew @ Catalyst .Net .NZ Ltd, PO Box 11-053, Manners St, Wellington
    WEB: http://catalyst.net.nz/ PHYS: Level 2, 150-154 Willis St
    DDI: +64(4)803-2201 MOB: +64(272)DEBIAN OFFICE: +64(4)499-2267
    "Elvis is my copilot."
    -- Cal Keegan
    -------------------------------------------------------------------------


    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)

    iD8DBQBDWvJsjJA0f48GgBIRAhpCAKCiaMoRqL8AFOvBEGgKAA pusyn3yQCgnHEv
    0GwAGuIiq0ZKhAh+OPDx8MA=
    =Lvv6
    -----END PGP SIGNATURE-----


+ Reply to Thread