Sunday, February 07, 2010

Setup Linux Wireless Access WPA_supplicant

I would like to post how I managed to get internet connection in my Linux CentOS 5.4 environment. I have spent many times to figure out the setup since I am new in linux wireless. Before this, I also encounter problem to install Broadcom BCM4328 driver in my linux too (headache). Over here I only focus on wireless setup for WPA (WiFi Protected Access) wireless access point. Do not confuse WPA with either WAP (wireless access point) & WEP (Wired Equivalent Privacy). WPA is intended to replace old WEP system due to the poor security reason. It can be easily sniff in with aircrack-ng, which is a prevalent hacking too to grab password/key. However WPA can be also cracked by aircrack easily... I still do not know yet.





To access wireless with WEP encription, the conventional method.
My wireless setup is eth1 (yours might be eth0, wlan0, etc)
If you cannot use the command, then add /sbin/ before the command
example: #sudo /sbin/iwlist eth1 scanning

1. #sudo iwlist eth1 scanning [to scan available wireless access]

eth1 Scan completed :
Cell 01 - Address: 00:55:55:B7:55:0C
ESSID:"myhomewireless"
Mode:Managed
Frequency:2.462 GHz (Channel 11)
Quality:4/5 Signal level:-63 dBm Noise level:-90 dBm
IE: WPA Version 18960
Group Cipher : Proprietary
Pairwise Ciphers (68) : IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
Encryption key:on
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
24 Mb/s; 36 Mb/s; 54 Mb/s; 6 Mb/s; 9 Mb/s
12 Mb/s; 48 Mb/s

From here, it is clearly shown that it is a WPA encription and not WEP

2. #sudo iwconfig essid myhomewireless key s:string_of_wep_password
The "s:" to indicate string instead of hexa values

it prompted me :
Error for wireless request "Set Encode" (8B2A) :
SET failed on device eth1 ; Invalid argument.

it is due to the router uses WPA instead of WEP key

3. #sudo iwconfig [to check whether I have connected to
myhomewireless]
lo no wireless extensions.

eth0 no wireless extensions.

eth1 IEEE 802.11abgn ESSID:"
myhomewireless" Nickname:"localhost.localdomain"
Mode:Ad-Hoc Frequency:2.412 GHz Cell: 1A:87:D5:5F:B9:8F
Bit Rate=2 Mb/s Tx-Power:32 dBm
Retry min limit:7 RTS thr:off Fragment thr:off
Power Managementmode:All packets received
Link Quality=5/5 Signal level=-57 dBm Noise level=-89 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

sit0 no wireless extensions.


Although it has been connected to the intended essid but i still cannot browse internet!!!

4. #dhclient eth1 [to automatically get IP]

-----------------------------------------------------------------------
In order to access WPA, few thing need to be setup
Change to superuser by #su

1.
#cd /etc/wpa_supplicant
# cp wpa_supplicant.conf wpa_supplicant.conf.origin [backup the original one]
# vi wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel

network={
ssid="
myhomewireless"
key_mgmt=WPA-PSK
psk="
string_of_wpa_password"
}


Note: need to put " "

2.
make association
#wpa_supplicant -B -dd -ieth1 -c /etc/wpa_supplicant/wpa_supplicant.conf

Note: sometime cannot override the file because the file is in use. Can delete the file in /var/run/wpa_supplicant/eth1 & execute step2 again.


3.
#dhclient eth1
[to automatically get IP]

4. invoke browser like firefox. Cheer!!

------------------------------------------------------------

If still cannot connect, mostly due to previous setup.
check
1. vi /etc/sysconfig/network-scripts/keys-eth1 [make sure it is blank, it stores WEP password]

2. vi /etc/sysconfig/network-scripts/ifcfg-eth1

# Broadcom Corporation BCM4328 802.11a/b/g/n
DEVICE=eth1
BOOTPROTO=dhcp
ONBOOT=no
HWADDR=00:22:68:c0:c5:81
NETMASK=
DHCP_HOSTNAME=
IPADDR=
BONDING_OPTS=
DOMAIN=
MASTER=
TYPE=Wireless
USERCTL=yes
IPV6INIT=no
PEERDNS=yes
ESSID=
myhomewireless
CHANNEL=
MODE=Master
SECURITYMODE=off
RATE=auto

Just make sure correct essid & mode to Master.
Setup the mode to Master, since I use WAP encription for dedicated router (not multiple router)
------------------------------------------------
after restart the linux, here are the step

1. #su
2. #iwlist eth1 scanning
3. #wpa_supplicant -B -dd -ieth1 -c /etc/wpa_supplicant/wpa_supplicant.conf
4 #dhclient eth1
5 #firefox &

---------------------------------------

Hope it helps!! cheers!

No comments: