-
概述
wpa_supplicant是wifi客戶端(client)加密認證工具,和iwconfig不同,wpa_supplicant支持wep、wpa、wpa2等完整的加密認證,而iwconfig只能支持wep。
和wpa_supplocant相對應的,ap端的加密認證工具為hostapd。
wpa_supplicant運行於后台,它需要借助控制台工具wpa_cli來進行手動操作。
在wpa_supplicant源碼目錄下,存在參考的配置文件wpa_supplicant.conf,幾乎包含里所有的配置項。
我們的配置文件不需要這么復雜,開始測試階段,我只寫最簡單的配置文件,其它手動操作先。
在/etc/下建立配置文件wpa_supplicant.conf,內容如下:
| ctrl_interface=/var/run/wpa_supplicant update_config=1 |
其中,update_config=1使能配置更改。
wpa_supplicant可以通過如下命令查看其所有操作參數:
| #wpa_supplicant --help wpa_supplicant: invalid option -- - wpa_supplicant v0.8.x Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors This program is free software. You can distribute it and/or modify it under the terms of the GNU General Public License version 2. Alternatively, this software may be distributed under the terms of the BSD license. See README and COPYING for more details.
usage: wpa_supplicant [-BddhKLqqstuvW] [-P<pid file>] [-g<global ctrl>] \ -i<ifname> -c<config file> [-C<ctrl>] [-D<driver>] [-p<driver_param>] \ [-b<br_ifname>] [-f<debug file>] [-e<entropy file>] \ [-o<override driver>] [-O<override ctrl>] \ [-N -i<ifname> -c<conf> [-C<ctrl>] [-D<driver>] \ [-p<driver_param>] [-b<br_ifname>] ...]
drivers: athr = Atheros Linux driver options: -b = optional bridge interface name -B = run daemon in the background -c = Configuration file -C = ctrl_interface parameter (only used if -c is not) -i = interface name -d = increase debugging verbosity (-dd even more) -D = driver name (can be multiple drivers: nl80211,wext) -e = entropy file -g = global ctrl_interface -K = include keys (passwords, etc.) in debug output -t = include timestamp in debug messages -h = show this help text -L = show license (GPL and BSD) -o = override driver parameter for new interfaces -O = override ctrl_interface parameter for new interfaces -p = driver parameters -P = PID file -q = decrease debugging verbosity (-qq even less) -v = show version -W = wait for a control interface monitor before starting -N = start describing new interface example: wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant.conf |
其中最常用的為:-i 指定端口,-c 指定配置文件,-D 指定使用的wifi驅動
我們這里只指定端口和配置文件,驅動使用默認的。
wpa_supplicant啟動操作命令如下:
| #wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf & |
注意:啟動wpa_supplicant之前wifi必須先啟動,wpa_supplicnat使用在wifi client端口上。
在測試過程中,如果出現問題,可以在wpa_supplicant啟動時使用參數使其輸出更多的debug信息:
#wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf -dddd
wpa_supplicant啟動后,就可以通過wpa_cli來操作設置了。
wpa_cli操作有兩種方法,一是直接進入CLI控制台操作,如下:
#wpa_cli
| # wpa_cli wpa_cli v0.8.x Copyright (c) 2004-2011, Jouni Malinen <j@w1.fi> and contributors
This program is free software. You can distribute it and/or modify it under the terms of the GNU General Public License version 2.
Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.
Selected interface 'ath0'
Interactive mode
> add 0 > list_network network id / ssid / bssid / flags 0 any [DISABLED] > |
另一種是直接在終端中敲擊完整的命令行操作,如下:
| # wpa_cli -i ath0 set_network 0 ssid '"206"' OK |
這兩種方法的效果是一樣的,主要區別如下:
-
wpa_cli控制台中寫的命令行要簡單些,不需要指定端口(如wpa_cli –i ath0),但寫錯了不能回退,需要重新完整寫入
-
終端寫入的命令行長寫,但寫錯里可以回退重新寫。
-
對於ssid和密碼,終端中操作時需要使用單引號把雙引號的字符包括起來,而cli控制台中只需要雙引號,如下:
| > set_network 0 psk "12345678" OK |
wpa_cli支持的所有命令可以通過help操作來查看
| > help |
以下是我的一個完整的掃描連接過程:
-
啟動wpa_supplicant和wpa_cli.
| # wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf & # wpa_cli |
-
掃描ap
使用scan命令掃描網絡,結束后使用scan_results命令查看網絡。
| > scan OK > driver_atheros_event_wireless: scan result event - SIOCGIWSCAN <3>CTRL-EVENT-SCAN-RESULTS <3>WPS-AP-AVAILABLE
> > scan_results bssid / frequency / signal level / flags / ssid 00:23:68:26:40:c8 2412 36 [ESS] CMCC 00:26:5a:26:33:ac 2437 38 [WPA-PSK-TKIP][WPA2-PSK-TKIP][WPS][ESS] LZ205 > |
-
增加網絡
使用add_network命令增加一個網絡,可以使用list_network查看增加的網絡信息。
| > add_network 0 > list_network network id / ssid / bssid / flags 0 any [DISABLED] |
-
設定網絡連接的ssid和密碼
使用set_network命令設定連接的ap的用戶名和密碼
| > set_network 0 ssid "LZ205" OK > set_network 0 psk "20100208" OK |
-
使能網絡連接
使用enable_network命令使能網絡連接
| > enable_network 0 OK > driver_atheros_event_wireless: scan result event - SIOCGIWSCAN ath0: Trying to associate with 00:26:5a:26:33:ac (SSID='LZ205' freq=2437 MHz) <3>CTRL-EVENT-SCA ieee80211_ioctl_setmlme: os_opmode=1 [ieee80211_ioctl_setmlme] set desired bssid 00:26:5a:26:33:ac N-RESULTS <3>WPS-AP-AVAILABLE <3>Trying to associate with 00:26:5a:26:33:ac (SSID='LZ205' freq=2437 MHz) ath_paprd_cal PAPRD excessive failure disabling PAPRD now ath0: Associated with 00:26:5a:26:33:ac <3>Associated with 00:26:5a:26:33:ac vap-0: mlme_sta_swbmiss_timer_handler: SW Beacon miss!! vap-0: mlme_sta_swbmiss_timer_handler: SW Beacon miss!! vap-0: ieee80211_vap_iter_beacon_miss: Beacon miss, will indicate to OS!! ath0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect <3>WPA: 4-Way Handshake failed - pre-shared key may be incorrect ath0: CTRL-EVENT-DISCONNECTED bssid=00:26:5a:26:33:ac reason=0 <3>CTRL-EVENT-DISCONNECTED bssid=00:26:5a:26:33:ac reason=0 ieee80211_ioctl_setmlme: os_opmode=1 sult event - SIOCGIWSCAN [ieee80211_ioctl_setmlme] set desired bssid 00:26:5a:26:33:ac
<3>CTRL-EVENT-SCAN-RESULTS <3>WPS-AP-AVAILABLE ath0: Trying to associate with 00:26:5a:26:33:ac (SSID='LZ205' freq=2437 MHz) <3>Trying to associate with 00:26:5a:26:33:ac (SSID='LZ205' freq=2437 MHz) ath0: Associated with 00:26:5a:26:33:ac <3>Associated with 00:26:5a:26:33:ac ath0: WPA: Key negotiation completed with 00:26:5a:26:33:ac [PTK=TKIP GTK=TKIP] <3>WPA: Key negotiation completed with 00:26:5a:26:33:ac [PTK=TKIP GTK=TKIP] ath0: CTRL-EVENT-CONNECTED - Connection to 00:26:5a:26:33:ac completed (auth) [id=0 id_str=] <3>CTRL-EVENT-CONNECTED - Connection to 00:26:5a:26:33:ac completed (auth) [id=0 id_str=] |
看到CTRL-EVENT-CONNECTED信息,表示連接完成。
-
狀態查看
使用status命令可以查看網絡狀態,使用quit退出CLI后,可以使用iwconfig命令查看ath0連接狀態。
| > status bssid=00:26:5a:26:33:ac ssid=LZ205 id=0 mode=station pairwise_cipher=TKIP group_cipher=TKIP key_mgmt=WPA2-PSK wpa_state=COMPLETED address=20:13:08:15:16:13 |
-
config保存
使用save命令可以保存當前的連接設置,下次wifi啟動時會自動連接此AP.
保存后,wpa_supplicant.conf文件被自動修改為如下內容:
| ctrl_interface=/var/run/wpa_supplicant update_config=1 device_type=0-00000000-0
network={ ssid="LZ205" psk="20100208" }
|
若希望wifi啟動后自動連接到預先設置的ap,只需按如下設置腳本即可以,如果預先設置里多個ap則每個網絡需要設置優先級參數priority。
| ctrl_interface=/var/run/wpa_supplicant update_config=1
network={ ssid="LZ205" psk="20100208" priority=2 } |