Jump to content

wpa_supplicant, automated wpa.conf... [Group cipher, Pairwise, Authentication]


i8igmac
 Share

Recommended Posts

i have been manually writing wpa.configs for use with wpa_supplicant for a while now, and i find its a headache

this process is almost a guessing game, i dont see much documentation on this subject other then copy and paste a config found online and hope it works, if it fails then modification is needed...

If there are any opinions on building these wpa configs, maybe more command line tools to help automate this process, plz share...

So, i feel that all the information you need to properly build a config is available by running `iwlist wlan0 scan`

So, here is a little ruby script... your wireless card must be UP and in manage mode...

this script will filter out a bunch of junk you dont need to see...

there are 2 variables to pass to the script, wlan0 and STRING

the string can be anything you find in the output of iwlist scan, like a mac address or essid name...

root@debian:~/project# ruby iwlist.rb wlan0 HOME-7

identicle results can be seen with a simple grep command

iwlist wlan0 scan | grep -v Unknown

puts "device: #{ARGV[0]}"
puts "essid: #{ARGV[1]}"


data=`iwlist #{ARGV[0]} scan`.gsub("Cell ", "\n\n")
data.split("\n\n").each{|x| 
	if x.include?("#{ARGV[1]}")
		x.each_line{|x|
			if not x.include?("Unknown:")
			puts x
			end
		}
	end
}

And here is the example output you will see below... and how i run the script...

root@debian:~/project# ruby iwlist.rb wlan0 HOME-7

22 - Address: 00:26:F3:58:7E:C8
                    Channel:11
                    Frequency:2.462 GHz (Channel 11)
                    Quality=27/70  Signal level=-83 dBm  
                    Encryption key:on
                    ESSID:"HOME-7EC8"
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 9 Mb/s
                              18 Mb/s; 36 Mb/s; 54 Mb/s
                    Bit Rates:6 Mb/s; 12 Mb/s; 24 Mb/s; 48 Mb/s
                    Mode:Master
                    Extra:tsf=000000a05f2d0146
                    Extra: Last beacon: 230ms ago
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK

So, now we can see this access point uses WPA2 version 1

the protocal=WPA2

the Group cipher=CCMP

the Pairwise cipher=CCMP

authentication is PSK

and here is how i would think a wpa_supplicant config should look like...

ctrl_interface=/var/run/wpa_supplicant
ap_scan=0
network={
	ssid="HOME-7EC8"
	psk="H2110413F11C8BF7"
	#psk=57996240
	proto=WPA2
	key_mgmt=WPA-PSK
	pairwise=CCMP
	group=CCMP

}

Does this look correct? currently im getting a authentication timeout error witch might only be due to signal strength...

each access point will show different kinds of encryption requirements that are displayed from iwlist scan... here is a example of what I THINK is backwards compatibility, what i mean by that is this next access point will support clients for WPA2 version1 and wpa version1

ruby iwlist.rb wlan1

15 - Address: 40:4A:03:C3:D6:B5
                    Channel:11
                    Frequency:2.462 GHz (Channel 11)
                    Quality=55/70  Signal level=-55 dBm  
                    Encryption key:on
                    ESSID:"myqwest6671"
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s
                    Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
                              36 Mb/s; 48 Mb/s; 54 Mb/s
                    Mode:Master
                    Extra:tsf=000001cb08c4c236
                    Extra: Last beacon: 260ms ago
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (2) : CCMP TKIP
                        Authentication Suites (1) : PSK
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (2) : CCMP TKIP
                        Authentication Suites (1) : PSK

you can see this access point might allow wpa and wpa2 protocol...

here is the best document if can find online for a reference https://w1.fi/cgit/hostap/plain/wpa_supplicant/wpa_supplicant.conf

Edited by i8igmac
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...