[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: wireles /wpa_supplicant - where to start?



On Thu, Oct 25, 2007 at 04:41:35PM +0000, Tyler Smith wrote:
> Hi,
> 
> I'm trying to set myself up on my University's wireless network. I can
> successfully connect to my home wireless using:
> 
> iwconfig ath0 key 676bd87bc0dd5315f1cd8de794
> dhclient ath0
> 
> and to unencrypted public access points using:
> 
> ifconfig ath0 down
> iwconfig ath0 key off
> ifconfig ath0 up
> iwconfig ath0 ap any
> dhclient ath0

I'm responding as I need to learn about this stuff and maybe can help,
but I don't know much... 

> 
> However, my University uses WPA, TKIP, PEAP and EAP-MSCHAP v2. I was
> advised to try network manager, but I couldn't get either
> network-manager-gnome or kdenetwork-manager to work on my laptop
> running fluxbox. network-manager-gnome reported that network manager
> wasn't running even when it was, and kdenetwork-manager reported that
> it could not find any network devices.
> 
> I couldn't figure this out, so I removed network manager et al and

I agree with this. network-manager, althought it does some good
things, seems kind of cryptic and hides what's happening. IMO. 

I've read over your output below and have some comments about what I'm
reading, but as to whether its a hardware/driver issue, I can't say,
so take this with appropriate salt...

> installed wpa_supplicant. I read the man page, and wrote the following
> wpa_supplicant.conf script:
> 
> ctrl_interface=/var/run/wpa_supplicant
> ctrl_interface_group=tyler
> 
> network={
>     ssid="SMU_PUBLIC"
>     key_mgmt=WPA-EAP IEEE8021X NONE
>     pairwise=TKIP
>     eap=MSCHAPV2 PEAP
>     identity="my-university-user-name"
>     password="my-university-password"
> }
> 
> 

okay.

> root:tyler# wpa_supplicant -iath0 -c/etc/wpa_supplicant.conf -d
> Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'default' ctrl_interface 'N/A' bridge 'N/A'
> Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
> Reading configuration file '/etc/wpa_supplicant.conf'
> ctrl_interface='/var/run/wpa_supplicant'
> ctrl_interface_group='tyler' (DEPRECATED)

you could replace 'tyler' with 1000 which is what it does below and
probably get rid of the (DEPRECATED) warning, but I assume that's no
big deal. might be worth it to see what its been replaced with though.


> Line 11: removed CCMP from group cipher list since it was not allowed for pairwise cipher
> Priority group 0
>    id=0 ssid='SMU_PUBLIC'

great, ssid is set.

> Initializing interface (2) 'ath0'
> EAPOL: SUPP_PAE entering state DISCONNECTED
> EAPOL: KEY_RX entering state NO_KEY_RECEIVE
> EAPOL: SUPP_BE entering state INITIALIZE
> EAP: EAP entering state DISABLED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> Interface ath0 set UP - waiting a second for the driver to complete initialization
> SIOCGIWRANGE: WE(compiled)=20 WE(source)=13 enc_capa=0xf
>   capabilities: key_mgmt 0xf enc 0xf
> WEXT: Operstate: linkmode=1, operstate=5

might be worthwhile to research what those two setting mean...

> Own MAC address: 00:16:cf:1d:c9:e4
> wpa_driver_wext_set_wpa
> wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> wpa_driver_wext_set_countermeasures
> wpa_driver_wext_set_drop_unencrypted
> RSN: flushing PMKID list in the driver
> Setting scan request: 0 sec 100000 usec
> ctrl_interface_group=1000 (from group name 'tyler')

see what I mean about group? 

> Added interface ath0
> Ignore event for foreign ifindex 6
> RTM_NEWLINK: operstate=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> RTM_NEWLINK: operstate=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> RTM_NEWLINK: operstate=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
> Wireless event: cmd=0x8b06 len=8
> RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> State: DISCONNECTED -> SCANNING
> Starting AP scan (broadcast SSID)
> Trying to get current scan results first without requesting a new scan to speed up initial association

okay. this is interesting. it seems like it first looking in some
cached results somewhere instead of doing an actual scan.

> Received 760 bytes of scan results (3 BSSes)
> Scan results: 3
> Selecting BSS from priority group 0
> Try to find WPA-enabled AP

you're trying to connect with WPA, so this makes sense.

> 0: 00:16:c7:dc:00:e1 ssid='' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
>    skip - SSID mismatch
> 1: 00:16:c7:db:e8:e0 ssid='' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - no WPA/RSN IE
> 2: 00:16:c7:dc:00:a0 ssid='' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - no WPA/RSN IE

the three results returned from that cache are shown and the one with
wpa (item 0) has no ssid specified, or its hidden or something. but
its being discarded because it doesn't match. The other two are being
skipped because they aren't wpa.

> Try to find non-WPA AP

now its trying to match any AP, wpa or not.

> 0: 00:16:c7:dc:00:e1 ssid='' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
>    skip - SSID mismatch
> 1: 00:16:c7:db:e8:e0 ssid='' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - SSID mismatch
> 2: 00:16:c7:dc:00:a0 ssid='' wpa_ie_len=0 rsn_ie_len=0 caps=0x1
>    skip - SSID mismatch

again, ssid's don't match so its skipping them. But remember, these
three access points come from some cache somewhere and *may* not match
up to what is currently available.

> No suitable AP found.
> Setting scan request: 0 sec 0 usec
> Starting AP scan (broadcast SSID)
> Scan timeout - try to get results

so since those three didn't work, its trying an *actual* scan

> Received 1002 bytes of scan results (4 BSSes)
> Scan results: 4

found four items

> Selecting BSS from priority group 0
> Try to find WPA-enabled AP
> 
> <SNIPPED OUTPUT>

and you've snipped these results. what happened? was it more of the
ssid mis-match? 

I think the problem is that you're dealing with a hidden ssid. If
you're confident that the AP you want to connect to is one of the ones
found, maybe change ssid to 'any' and see what happens. 

hopefully my random thoughts are helpful


A

Attachment: signature.asc
Description: Digital signature


Reply to: