[SOLVED]networkd, wpa_supplicant@ service, wpa_cli and wpa_gui

ewaller · 2015-10-24 05:27:57

Today I made the change over to systemd-networkd from netctl. Works like a charm controlling my wireless and wired networks. As the wiki directed, the wireless connection is handled by wpa_supplicant. Now I am trying to harmonize the user space tools.

The wpa_supplicant suggested adding the wheel group to the wpa_supplicant control interface. Trying that killed the ability of networkd to use wpa_supplicant. Okay, fine. I can happily run wpa_cli using sudo and can do much of what I need there. But, I really want to encrypt the pass phrases. Is there a way to enter a ne pass phrase in wpa_cli so that it written to the conf file encrypted?

I can use wpa_passphrase, but it is a bit awkward. The best way I've found to do this is to pull the config up in emacs and use meta-! with a prefix to execute the wpa_passphrase command and insert the output at the point. Then you have to kick back to wpa_cli and tell it to reconfigure. A few steps.

Finally, I would like to use wpa_gui. It works fine for wpa_supplicant run as a daemon with wheel. I cannot for the life of me get it to work when wpa_supplicant is started as a wpa_supplicant@ service. Either it is unable to connect to wpa_supplicant (running it as Joe user), or getting a blank window if launching it as root. I've tried root as gksu, gksudo, sudo with XAUTORITY and SCREEN variables set. All yield a blank window.

So... anyone who is using systemd-networkd and wpa_supplicant@, what is the recommended way of providing a convenient, well integrated, user space tool set for adding and selecting networks?

Last edited by ewaller (2015-10-25 19:05:04)

fdservices · 2015-10-24 12:02:34

I am no expert but, I think your problem stems from that fact that systemd-networkd will use a configuration file for wpa_supplicant specifically for an interface e.g. wpa_supplicant-wlp2s0.conf. If you have only one interface then you can link the specific file to the general one e.g. wpa_supplicant-wlp2s0.conf -> wpa_supplicant.conf which saves specifying the configuration file when using the various tools.

To add a new network you could write a simple bash script, but beware of duplicating an SSID in a network block.

Andrew

ewaller · 2015-10-25 19:03:43

And, I found the answer. The loose nut in front of the keyboard. I failed to properly copy the syntax for the control interface for wpa_supplicant from the wiki.
In my defense, man wpa_supplicant.conf borders on useless.

Anyway, with the right line in /etc/wpa_suuplicant/wpa_supplicant-wlo1.conf, it works

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel

Note the '=' before and after "DIR"

wpa_gui works just fine when started as

wpa_gui -p /var/run/wpa_supplicant -i wlo1 -t

Now I am very happy with this. The only irksome thing is that only wpa_passphrase generates an encrypted pass phase. Neither wpa_cli or wpa_gui do; they use clear text. If wpa_gui encounters a clear text passkey, it allows it to be changed. If the pass phrase is encrypted in the config file, the option to change it is greyed out. It would be nice if wpa_gui would use cryptographically protected pass phrases.

In any event, Solved.

Last edited by ewaller (2015-10-25 19:18:28)

Arch Linux

#1 2015-10-24 05:27:57

[SOLVED]networkd, wpa_supplicant@ service, wpa_cli and wpa_gui

#2 2015-10-24 12:02:34

Re: [SOLVED]networkd, wpa_supplicant@ service, wpa_cli and wpa_gui

#3 2015-10-25 19:03:43

Re: [SOLVED]networkd, wpa_supplicant@ service, wpa_cli and wpa_gui

Board footer