19.10.05

Ubuntu und WPA: Heute habe ich meine ganze WLAN-Kommunikation auf WPA umgestellt. Folgendes, exzellentes Howto habe ich dabei bei Ubuntuforums gefunden:

Wlan und WPA

Hier die Kopie davon:

Pre-amble:

I've been bashing at this for the last few hours as I just got myself a shiny new wireless router and wanted to use WPA-PSK rather than WEP. I don't pretend to be any sort of guru at this; I spent most of my time reading FAQs and Wiki entries; swore at my computer for a while when it didn't work and then just started experimenting. I've finally got what appears to be a fairly nice configuration that works great for me - I'm writing it up in the hopes that it helps someone else.

Assumptions:
  • You can already access the network/internet -without- WPA or other encryption.
  • You're using an ndiswrapper-based driver (probably not essential, but you'll have to modify a few of the commands if you're using madwifi or one of the native drivers - YMMV).
  • Your wireless card comes up with an interface name of 'wlan0' (if not, you'll need to modify my examples to suit).
  • You want to use WPA-PSK with either TKIP or AES/CCMP.
  • Your router (or whatever) provides IP address details via DHCP (not essential, but you'll have to modify one of the files beyond my examples).
  • Your router or WAP broadcasts its' SSID. Sorry, haven't worked out how to make this work with broadcasting switched off yet. :/
  • You're working with an installation of Ubuntu Hoary.
  • You're comfortable editing files and working with badly-written HOWTOs.

OK, here we go..

You should already have your wireless working -without- WPA encryption. If you don't, the rest of this probably won't help you.

First up, you'll need the wpasupplicant package. It's in the Universe repository, so you'll need to have that in your sources.list file. If you've already installed this package, I recommend that you reinstall; use these commands to get rid of it:
sudo killall wpasupplicant
sudo dpkg --purge wpasupplicant
Now install a fresh copy:
sudo apt-get install wpasupplicant
After you've got it installed, start by modifying the "default" file -- I'm not sure why to be honest, but the installer told me to start there and I did:
sudo vi /etc/default/wpasupplicant
Here's what mine looks like; modify yours to taste:

Code:
# /etc/default/wpasupplicant

# WARNING! Make sure you have a configuration file!

ENABLED=1

# Useful flags:
# -D Wireless Driver
# -i Interface (required, unless specified in config)
# -c Configuration file
# -d Debugging (-dd for more)
# -w Wait for interface to come up

# OPTIONS="-w"

Save and exit.

Next, you'll need to sort your pre-shared key out. My router allows me to input the passphrase that makes up the key itself; I originally tried putting this passphrase in as the wireless key, which failed to work altogether for fairly obvious reasons. Hindsight is wonderful like that. Take the passphrase that you used in your router or WAP and use wpa_passphrase to generate the key. You use this command in the following format:
wpa_passphrase
So the command I ran looks something like this:
wpa_passphrase MyHomeWireless SuperSecretPassphrase
..which gives you an output something like:

Code:
network={
ssid="MyHomeWireless"
#psk="SuperSecretPassphrase"
psk=e42ac2538ef03f906d37332a0df4446150e04cdcdd392e309486075065a70a1f
}

Copy all that - we'll need in a moment. You now need to put that in to a configuration file for wpa_supplicant, which you first need to create. Given that you'll have the keys to your wireless access in this file, a little extra precaution is in order. Use the following commands to create and then open the file for editing:
sudo touch /etc/wpa_supplicant.conf
sudo chmod 600 /etc/wpa_supplicant.conf
sudo vi /etc/wpa_supplicant.conf
Using the output of wpa_passphrase we copied earlier as a base, you'll need to tell wpa_supplicant a few more details about your network. Here's what my copy of this file looks like when complete, with the sample data:

Code:
network={
ssid="MyHomeWireless"
#psk="SuperSecretPassphrase"
psk=e42ac2538ef03f906d37332a0df4446150e04cdcdd392e309486075065a70a1f
key_mgmt=WPA-PSK
proto=WPA
}

Save and exit.

You should probably test this now - here's a good command to copy/paste to your cli (this will only work if you fulfill the assumptions of this HOWTO):
sudo ifconfig wlan0 up && /usr/sbin/wpa_supplicant -Bw -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf && dhclient wlan0
If that doesn't get you to the point where you can ping other hosts on your network, something is most likely wrong with wpa_supplicant (I'm assuming that it hasn't got anything to do with DHCP). Run these two commands:
sudo dhclient -r wlan0 && ifconfig wlan0 down && killall wpa_supplicant
sudo ifconfig wlan0 up && /usr/sbin/wpa_supplicant -w -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd
This will give you a bunch of debugging output, and someone who is much more skilled than I might be able to help you out. Sorry, but this HOWTO isn't going to help you much more, as it's beyond my ken completely.

If you got lucky and you -are- able to ping hosts on your network, now is the time to automate it. It's actually really easy. Run this command first to bring the wireless link down cleanly:
sudo dhclient -r wlan0 && ifconfig wlan0 down && killall wpa_supplicant
You need to tell your network interface configuration file how to deal with the wireless config nicely; here's what you need to put in for your wireless card (again, if you don't completely fulfill the assumptions of this HOWTO, you'll need to change a few things). Open up /etc/network/interfaces:
sudo vi /etc/network/interfaces
..here's the part you'll need to add/modify in yours for the wireless:

Code:
auto wlan0
iface wlan0 inet dhcp
pre-up /usr/sbin/wpa_supplicant -Bw -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf
post-down killall -q wpa_supplicant

Save and exit.

We're all done! Wireless will now come up on boot (assuming that your computer already detects the card and loads the drivers for it already), and you can start/stop the wireless link with the following two commands:
sudo ifup wlan0
sudo ifdown wlan0
--

Keine Kommentare: