I am able to get that to work:
iwconfig wlan0 key 'xxxxx' mode managed essid 'nameofap' ap 11:11:11:11:11:11 channel 1
For instance. Take down the interface before the above command, bring it up afterwards, then
let airodump-ng go: airodump-ng -w /usb/filename wlan0
When you connect to an encrypted AP you are going to need to get the four way handshake
for decrypting it afterwards. It will be encrypted in your pcap file. Use wireshark on your android/pc/etc
and google wireshark decryption for explicit instructions.
There is good documentation for it. One tip: enable the wifi bar so you don't have to search the
options interface everytime.
On capturing traffic: I am experimenting with this myself. I am finding with a basic 5db or 10db omnidirectional
antenna the results are "meh". My theory is that this is because the APs have much more txpower then
the clients (gaming systems, computers, wifi phones, etc).
I am a little lost as to why doesn't everyone just use the system in monitor mode, why even have jasager/karma,
but the results I have heard from karma are excellent(for instance, in malls, see ars techica article on mobile bugs good
article pimping the pineapple from Dan Kukyendall of NTO Objectives).... versus the results I see from monitor
mode are "meh".
Theoretically, you should be able to get enough bad traffic, if it is not SSL encrypted, if you keep it on open
networks for awhile to say "this network should not be open".
In practice, I am finding that not to be the case, myself, but I am a noob at this. (I am an ancient and professional
sec guy, just have not worked with wifi before much.)