Diff for /wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn between versions 1.3 and 1.5

version 1.3, 2016/04/14 20:10:26 version 1.5, 2016/04/14 20:33:04
Line 15  On NetBSD, the [wpa_supplicant(8)](http: Line 15  On NetBSD, the [wpa_supplicant(8)](http:
   
 To configure WPA/WPA2, you must create the file  To configure WPA/WPA2, you must create the file
  [`/etc/wpa_supplicant.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current).   [`/etc/wpa_supplicant.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current).
   You can find examples for `/etc/wpa_supplicant.conf` in
    `/usr/share/examples/wpa_supplicant/wpa_supplicant.conf`.
 The simplest case is a network, say `my favourite network`, with a  The simplest case is a network, say `my favourite network`, with a
  fixed passphrase, say `hunter2`.   fixed passphrase, say `hunter2`.
 For this case, fill your `/etc/wpa_supplicant.conf` file with:  For this case, fill your `/etc/wpa_supplicant.conf` file with:
   
    ctrl_interface=/var/run/wpa_supplicant      ctrl_interface=/var/run/wpa_supplicant
    ctrl_interface_group=wheel      ctrl_interface_group=wheel
    network={      network={
            ssid="my favourite network"              ssid="my favourite network"
            psk="hunter2"              psk="hunter2"
    }      }
   
 Then enable wpa_supplicant on your network interface device, say  Then enable wpa_supplicant on your network interface device, say
  `iwn0`, by editing [`/etc/rc.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current)   `iwn0`, by editing [`/etc/rc.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current)
  to add   to add
   
    wpa_supplicant=YES      wpa_supplicant=YES
    wpa_supplicant_flags="${wpa_supplicant_flags} -i iwn0"      wpa_supplicant_flags="${wpa_supplicant_flags} -i iwn0"
   
 If your LAN is configured with DHCP, you will likely also want  If your LAN is configured with DHCP, you will likely also want
  `dhcpcd=YES` in `/etc/rc.conf` to run [dhcpcd](http://netbsd.gw.com/cgi-bin/man-cgi?dhcpcd+8+NetBSD-current).   `dhcpcd=YES` in `/etc/rc.conf` to run [dhcpcd](http://netbsd.gw.com/cgi-bin/man-cgi?dhcpcd+8+NetBSD-current).
 Then start wpa_supplicant with the shell command:  Then start wpa_supplicant with the shell command:
   
    # /etc/rc.d/wpa_supplicant start      # /etc/rc.d/wpa_supplicant start
   
 or reboot for the change to take effect.  or reboot for the change to take effect.
   
 You can query the current status of WPA/WPA2 with the shell command:  You can query the current status of WPA/WPA2 with the shell command:
   
    # wpa_cli status      # wpa_cli status
   
 If you want to configure more 802.11 networks, add more `network`  If you want to configure more 802.11 networks, add more `network`
  stanzas to `/etc/wpa_supplicant.conf`, and notify wpa_supplicant of   stanzas to `/etc/wpa_supplicant.conf`, and notify wpa_supplicant of
  them:   them:
   
    # /etc/rc.d/wpa_supplicant reload      # /etc/rc.d/wpa_supplicant reload
   
 #  Do not wait for lease; useful if no network is within reach, so boot will not hang  #  Do not wait for lease; useful if no network is within reach, so boot will not hang
   
Line 63  You can pass the `-b` flag to Line 65  You can pass the `-b` flag to
  to make it immediately go into the background, by setting   to make it immediately go into the background, by setting
  `dhcpcd_flags` in `/etc/rc.conf`:   `dhcpcd_flags` in `/etc/rc.conf`:
   
    dhcpcd_flags="${dhcpcd_flags} -b"      dhcpcd_flags="${dhcpcd_flags} -b"
   
 #  Other Network Configurations  #  Other Network Configurations
   
Line 77  These networks can be given different pr Line 79  These networks can be given different pr
 If the network is hidden, so that the access point does not broadcast  If the network is hidden, so that the access point does not broadcast
  its presence, you must specify the `scan_ssid=1` option:   its presence, you must specify the `scan_ssid=1` option:
   
    network={      network={
            ssid="my network"              ssid="my network"
            scan_ssid=1              scan_ssid=1
            psk="sekret"              psk="sekret"
    }      }
   
 ##  Open Networks  ##  Open Networks
   
    network={      network={
            ssid="MYUNPROTECTEDWLAN"              ssid="MYUNPROTECTEDWLAN"
            key_mgmt=NONE              key_mgmt=NONE
            priority=100              priority=100
    }      }
   
 ##  WEP encryption  ##  WEP encryption
   
Line 99  It is known to be completely broken: bre Line 101  It is known to be completely broken: bre
 However, sometimes there is a need to use WEP in legacy networks.  However, sometimes there is a need to use WEP in legacy networks.
 Here is a configuration if you want to do it with wpa_supplicant:  Here is a configuration if you want to do it with wpa_supplicant:
   
    network={      network={
            ssid="MYWEAKLYENCRYPTEDWLAN"              ssid="MYWEAKLYENCRYPTEDWLAN"
            key_mgmt=NONE              key_mgmt=NONE
            wep_key0="12345"  # or 13 characters, or a hexkey starting with 0x              wep_key0="12345"  # or 13 characters, or a hexkey starting with 0x
            wep_tx_keyidx=0              wep_tx_keyidx=0
    }      }
   
 Note that you have to use wpa_supplicant to configure WEP: you can also  Note that you have to use wpa_supplicant to configure WEP: you can also
  simply use   simply use
  [ifconfig(8)](http://netbsd.gw.com/cgi-bin/man-cgi?ifconfig+8+NetBSD-current):   [ifconfig(8)](http://netbsd.gw.com/cgi-bin/man-cgi?ifconfig+8+NetBSD-current):
   
    ifconfig ath0 ssid MYWEAKLYENCRYPTEDWLAN nwkey 12345      ifconfig ath0 ssid MYWEAKLYENCRYPTEDWLAN nwkey 12345
   
 ##  Password-Authenticated MSCHAPv2  ##  Password-Authenticated MSCHAPv2
   
 This seems to be a common configuration for password-authenticated networks:  This seems to be a common configuration for password-authenticated networks:
   
    network={      network={
            ssid="WLANSSID"              ssid="WLANSSID"
            key_mgmt=IEEE8021X              key_mgmt=IEEE8021X
            eap=PEAP              eap=PEAP
            phase2="auth=MSCHAPV2"              phase2="auth=MSCHAPV2"
            identity="login"              identity="login"
            password="password"              password="password"
    }      }
   
 #  See also  #  See also
   

Removed from v.1.3  
changed lines
  Added in v.1.5


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb