WPA2-PSK, hidden SSID, easy setup.

j77h · 2013-01-13 04:35:34

After searching and testing for several days, it seemed
impossible to set up wifi from the command line when
the Access Point uses WPA2-PSK and a hidden SSID.

But all that's needed is to know the right settings.
The crucial detail turned up in this PuppyLinux blog:
http://bkhome.org/blog/?viewDetailed=01430
"I found for a hidden SSID, I need to use ap_scan=2 JustGreg"

Then it was surprisingly easy.
All I did was put the right settings in wpa_supplicant.conf,
run wpa_supplicant, and the network was completely functional.
(I didn't need to do many of the steps that are given in the wiki.)

Don't have time to post full details now,
but here are the main points.

Equipment:
Acer 5253G laptop (Australian) with Atheros AR9287 wifi.
Wifi access point set up with WPA2-PSK and hidden SSID.
A router on the network is a DHCP server.
ArchLinux installer 2012-12-01, loaded on a YUMI UFD.

I put the following values in
/etc/wpa_supplicant/wpa_supplicant.conf

update_config=1
ap_scan=2
ctrl_interface=/var/run/wpa_supplicant

network={
	mode=0
	scan_ssid=1
	proto=WPA2
	key_mgmt=WPA-PSK
	pairwise=CCMP
	group=CCMP
	bssid=<M.A.C. of Access Point>
	ssid="<text>"
	psk=<hex_string>
}

then ran

wpa_supplicant -iwlan0 -Dwext -c/etc/wpa_supplicant/wpa_supplicant.conf -d

The output looked OK, so I did Ctrl-C then

wpa_supplicant -iwlan0 -Dwext -c/etc/wpa_supplicant/wpa_supplicant.conf -B

"iwconfig" output looked good.

"ifconfig" showed wlan0 had an IP address already.

At that point I successfully pinged my ISP's web server.

I never did "ip link set wlan0 up" nor ran dhcpcd.

Hope this helps a few people :)

graysky · 2013-01-13 05:26:01

Hidden ssids are an illusion. Your post might be better stored in the wiki.

j77h · 2013-01-13 06:30:06

graysky wrote:

Hidden ssids are an illusion.

So I've heard, but some people have them. :)

graysky wrote:

Your post might be better stored in the wiki.

Will have a go at it later, when I've time to add more details.
I'm new here, so also need to 'learn the ropes' on the wiki.
Thanks for the encouragement.

hunterthomson · 2013-01-14 21:50:21

The easiest way is to use netcfg.

like

pacman -S netcfg
cp /etc/network.d/examples/wireless-wpa /etc/network.d/mywifi
nano /etc/network.d/mywifi

And edit as needed. Just make sure to uncomment

# Uncomment this if your ssid is hidden
#HIDDEN=yes

Now you can connect with netcfg

netcfg mywifi

hunterthomson · 2013-01-14 21:53:05

graysky wrote:

Hidden ssids are an illusion.

Yep, because the signaling packets can not be encrypted.

So, when someone connects to the wireless network they have to put the SSID in clear text. If someone is already associated with the wireless network you can send them a deauth packet and watch them reconnect to get the SSID.

MAC filtering is also misunderstood. All MAC filtering can do is limit the number of devices connected to the wireless network at one time not limit which devices can connect, because changing a MAC is as easy as changing an IP.

Last edited by hunterthomson (2013-01-14 21:55:30)

graysky · 2013-01-15 18:59:37

Best defense is WPA2 and a good 63 character key. Hidden SSID or MAC filtering are both security illusions as previously mentioned.

Arch Linux

#1 2013-01-13 04:35:34

WPA2-PSK, hidden SSID, easy setup.

#2 2013-01-13 05:26:01

Re: WPA2-PSK, hidden SSID, easy setup.

#3 2013-01-13 06:30:06

Re: WPA2-PSK, hidden SSID, easy setup.

#4 2013-01-14 21:50:21

Re: WPA2-PSK, hidden SSID, easy setup.

#5 2013-01-14 21:53:05

Re: WPA2-PSK, hidden SSID, easy setup.

#6 2013-01-15 18:59:37

Re: WPA2-PSK, hidden SSID, easy setup.

Board footer