You are not logged in.

#1 2013-01-13 04:35:34

j77h
Member
From: Qld Aus
Registered: 2013-01-12
Posts: 4

WPA2-PSK, hidden SSID, easy setup.

After searching and testing for several days, it seemed
impossible to set up wifi from the command line when
the Access Point uses WPA2-PSK and a hidden SSID.

But all that's needed is to know the right settings.
The crucial detail turned up in this PuppyLinux blog:
http://bkhome.org/blog/?viewDetailed=01430
"I found for a hidden SSID, I need to use ap_scan=2  JustGreg"

Then it was surprisingly easy.
All I did was put the right settings in wpa_supplicant.conf,
run wpa_supplicant, and the network was completely functional.
(I didn't need to do many of the steps that are given in the wiki.)

Don't have time to post full details now,
but here are the main points.

Equipment:
Acer 5253G laptop (Australian) with Atheros AR9287 wifi.
Wifi access point set up with WPA2-PSK and hidden SSID.
A router on the network is a DHCP server.
ArchLinux installer 2012-12-01, loaded on a YUMI UFD.

I put the following values in
/etc/wpa_supplicant/wpa_supplicant.conf

update_config=1
ap_scan=2
ctrl_interface=/var/run/wpa_supplicant

network={
	mode=0
	scan_ssid=1
	proto=WPA2
	key_mgmt=WPA-PSK
	pairwise=CCMP
	group=CCMP
	bssid=<M.A.C. of Access Point>
	ssid="<text>"
	psk=<hex_string>
}

then ran

wpa_supplicant -iwlan0 -Dwext -c/etc/wpa_supplicant/wpa_supplicant.conf -d

The output looked OK, so I did Ctrl-C then

wpa_supplicant -iwlan0 -Dwext -c/etc/wpa_supplicant/wpa_supplicant.conf -B

"iwconfig" output looked good.

"ifconfig" showed wlan0 had an IP address already.

At that point I successfully pinged my ISP's web server.

I never did "ip link set wlan0 up" nor ran dhcpcd.

Hope this helps a few people :)

Offline

#2 2013-01-13 05:26:01

graysky
Member
From: /run/user/1000
Registered: 2008-12-01
Posts: 8,454
Website

Re: WPA2-PSK, hidden SSID, easy setup.

Hidden ssids are an illusion.  Your post might be better stored in the wiki.


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#3 2013-01-13 06:30:06

j77h
Member
From: Qld Aus
Registered: 2013-01-12
Posts: 4

Re: WPA2-PSK, hidden SSID, easy setup.

graysky wrote:

Hidden ssids are an illusion.

So I've heard, but some people have them. :)

graysky wrote:

Your post might be better stored in the wiki.

Will have a go at it later, when I've time to add more details.
I'm new here, so also need to 'learn the ropes' on the wiki.
Thanks for the encouragement.

Offline

#4 2013-01-14 21:50:21

hunterthomson
Member
Registered: 2008-06-22
Posts: 794
Website

Re: WPA2-PSK, hidden SSID, easy setup.

The easiest way is to use netcfg.

like

pacman -S netcfg
cp /etc/network.d/examples/wireless-wpa /etc/network.d/mywifi
nano /etc/network.d/mywifi

And edit as needed. Just make sure to uncomment

# Uncomment this if your ssid is hidden
#HIDDEN=yes

Now you can connect with netcfg

netcfg mywifi

OpenBSD-current Thinkpad X230, i7-3520M, 16GB CL9 Kingston, Samsung 830 256GB
Contributor: linux-grsec

Offline

#5 2013-01-14 21:53:05

hunterthomson
Member
Registered: 2008-06-22
Posts: 794
Website

Re: WPA2-PSK, hidden SSID, easy setup.

graysky wrote:

Hidden ssids are an illusion.

Yep, because the signaling packets can not be encrypted.

So, when someone connects to the wireless network they have to put the SSID in clear text. If someone is already associated with the wireless network you can send them a deauth packet and watch them reconnect to get the SSID.

MAC filtering is also misunderstood. All MAC filtering can do is limit the number of devices connected to the wireless network at one time not limit which devices can connect,  because changing a MAC is as easy as changing an IP.

Last edited by hunterthomson (2013-01-14 21:55:30)


OpenBSD-current Thinkpad X230, i7-3520M, 16GB CL9 Kingston, Samsung 830 256GB
Contributor: linux-grsec

Offline

#6 2013-01-15 18:59:37

graysky
Member
From: /run/user/1000
Registered: 2008-12-01
Posts: 8,454
Website

Re: WPA2-PSK, hidden SSID, easy setup.

Best defense is WPA2 and a good 63 character key.  Hidden SSID or MAC filtering are both security illusions as previously mentioned.


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

Board footer

Powered by FluxBB