| View previous topic :: View next topic |
| Author |
Message |
bugihush
n00b
Joined: 09 Aug 2010
Posts: 31
Location: Warsaw PL
|
 Posted: Wed Sep 29, 2010 11:25 am Post subject: wpa_supplicant and wpa2 |
 |
|
hi everyone,
I've recently migrate my wireless network from wep to wpa2-personal on openwrt wrt54g. The AP wpa2 is set properly because I can connect to network from win7 system. The problems occurs on linux. I have working wifi card with broadcom-sta package (bcm4312). With wirelles-tools its able to connecto to wep network and with wpa_supplicant still.
wpa_supplicant.conf
| Code: | bugi bugi # cat /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
ap_scan=1
network={
ssid="forfiter"
proto=WPA2
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="12345678"
priority=2
}
|
result of trying connecting
| Code: | bugi bugi # wpa_supplicant -ieth1 -c/etc/wpa_supplicant/wpa_supplicant.conf
Trying to associate with 68:7f:74:3e:6a:c4 (SSID='forfiter' freq=2412 MHz)
ioctl[SIOCSIWAP]: Invalid argument
Association request to the driver failed
Authentication with 68:7f:74:3e:6a:c4 timed out.
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
^CCTRL-EVENT-TERMINATING - signal 2 received
|
well when Ive set AP with wep then wpa_supplicant with wep configurationg was able to connect but generate similiar errors about unable to scan and ioctl[SIOCGIWSCAN] messages.
but after few days of trying I was noticed that when enter on terminal
| Code: |
bugi # cat /etc/wpa_supplicant/wpa_supplicant.conf |
I see only errors but when in another terminal restart iface eth1 then I see
| Code: | bugi bugi # wpa_supplicant -ieth1 -c/etc/wpa_supplicant/wpa_supplicant.conf
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Resource temporarily unavailable
l2_packet_receive - recvfrom: Network is down
Trying to associate with 68:7f:74:3e:6a:c4 (SSID='forfiter' freq=2412 MHz)
ioctl[SIOCSIWAP]: Device or resource busy
Association request to the driver failed
l2_packet_receive - recvfrom: Network is down
Authentication with 68:7f:74:3e:6a:c4 timed out.
Associated with 68:7f:74:3e:6a:c4
CTRL-EVENT-CONNECTED - Connection to 68:7f:74:3e:6a:c4 completed (auth) [id=0 id_str=]
CTRL-EVENT-DISCONNECTED bssid=68:7f:74:3e:6a:c4 reason=0
Associated with 68:7f:74:3e:6a:c4
CTRL-EVENT-CONNECTED - Connection to 68:7f:74:3e:6a:c4 completed (reauth) [id=0 id_str=]
Trying to associate with 68:7f:74:3e:6a:c4 (SSID='forfiter' freq=2412 MHz)
ioctl[SIOCSIWAP]: Device or resource busy
Association request to the driver failed
Associated with 68:7f:74:3e:6a:c4
WPA: Key negotiation completed with 68:7f:74:3e:6a:c4 [PTK=CCMP GTK=CCMP]
CTRL-EVENT-CONNECTED - Connection to 68:7f:74:3e:6a:c4 completed (reauth) [id=1 id_str=]
|
then dhclient eth1 and I was able to ping router iface.
How to solve this issue ?
best regards,
Mariusz |
|
| Back to top |
|
 |
BradN
Advocate
Joined: 19 Apr 2002
Posts: 2391
Location: Wisconsin (USA)
|
| Posted: Wed Sep 29, 2010 6:42 pm Post subject: |
|
|
| Are you sure you don't need to specify a driver type to wpa_supplicant (on its command line options)? |
|
| Back to top |
|
|
bugihush
n00b
Joined: 09 Aug 2010
Posts: 31
Location: Warsaw PL
|
| Posted: Wed Sep 29, 2010 8:01 pm Post subject: |
|
|
| BradN wrote: | | Are you sure you don't need to specify a driver type to wpa_supplicant (on its command line options)? |
The wpa driver was specified in /etc/conf/net
| Code: |
config_eth1=( "dhcp" )
modules=( "wpa_supplicant" )
wpa_supplicant_eth1="-Dwext"
|
|
|
| Back to top |
|
|
cach0rr0
Bodhisattva
Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
|
| Posted: Wed Sep 29, 2010 8:35 pm Post subject: |
|
|
| bugihush wrote: | | BradN wrote: | | Are you sure you don't need to specify a driver type to wpa_supplicant (on its command line options)? |
The wpa driver was specified in /etc/conf/net
| Code: |
config_eth1=( "dhcp" )
modules=( "wpa_supplicant" )
wpa_supplicant_eth1="-Dwext"
|
|
which isn't used when you run wpa_supplicant from the command-line.
I don't know if it makes a difference here, though. I'm wondering if you aren't missing some key crypto pieces from your kernel (note that wireless-tools supports WEP only)
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
| Back to top |
|
|
BradN
Advocate
Joined: 19 Apr 2002
Posts: 2391
Location: Wisconsin (USA)
|
| Posted: Wed Sep 29, 2010 9:29 pm Post subject: |
|
|
I don't think kernel crypto is used with wpa_supplicant, although I could be mistaken.
You could trim your config file down a bit - this should be sufficient (but may not protect against access point spoofing attacks as well):
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
ap_scan=1
network={
ssid="forfiter"
psk="12345678"
}
wpa_supplicant will determine the encryption type automatically (but therein lies the danger - one could spoof a less secure encryption and possibly reverse your key)
I think what's really happening here is wpa_supplicant is using the wrong interface to try to control the wireless parameters and perform scanning.
ioctl[SIOCSIWAP]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument
ioctl[SIOCGIWSCAN]: Invalid argument |
|
| Back to top |
|
|
dmpogo
Advocate
Joined: 02 Sep 2004
Posts: 3468
Location: Canada
|
|
| Back to top |
|
|
bugihush
n00b
Joined: 09 Aug 2010
Posts: 31
Location: Warsaw PL
|
| Posted: Fri Oct 01, 2010 9:53 am Post subject: |
|
|
well my kernel configuration is set properly.
BrandN how to set static eth1 for scanning ? I have specified in /etc/conf.d/net
| Code: | | wpa_supplicant_eth1="-Dwext" |
|
|
| Back to top |
|
|
BradN
Advocate
Joined: 19 Apr 2002
Posts: 2391
Location: Wisconsin (USA)
|
| Posted: Fri Oct 01, 2010 9:12 pm Post subject: |
|
|
I mean, not that it is using the wrong network interface, but it seems to be using the wrong commands to try to control it.
Try removing the -D option and see if it autodetects correctly. |
|
| Back to top |
|
|
bugihush
n00b
Joined: 09 Aug 2010
Posts: 31
Location: Warsaw PL
|
| Posted: Sat Oct 02, 2010 9:26 am Post subject: |
|
|
| BradN wrote: | I mean, not that it is using the wrong network interface, but it seems to be using the wrong commands to try to control it.
Try removing the -D option and see if it autodetects correctly. |
still the same result
| Code: |
bugi log # iwlist eth1 scan
eth1 Failed to read scan data : Invalid argument
|
Only one way is to start
| Code: | | /etc/init.d/wpa_supplicant |
and next restart iface eth1 and put ctrl^c while scanning .[/code]
| Code: | bugi log # /etc/init.d/net.eth1 restart
net.eth1 | * Bringing up interface eth1
net.eth1 | * Configuring wireless network for eth1
net.eth1 | * Scanning for access points
^Cnet.eth1 | * net.eth1: caught SIGINT, aborting
bugi log #
|
| Code: |
bugi log # iwconfig eth1
eth1 IEEE 802.11bg ESSID:"forfiter" Nickname:""
Mode:Managed Frequency:2.412 GHz Access Point: 68:7F:74:3E:6A:C4
Bit Rate=54 Mb/s Tx-Power:24 dBm
Retry min limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Managementmode:All packets received
Link Quality=5/5 Signal level=-37 dBm Noise level=-91 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:6 Invalid misc:0 Missed beacon:0
bugi log #
|
| Code: | bugi log # wpa_cli
wpa_cli v0.7.2
Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi> and contributors
This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.
Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.
Selected interface 'eth1'
Interactive mode
> status
bssid=68:7f:74:3e:6a:c4
ssid=forfiter
id=1
mode=station
pairwise_cipher=CCMP
group_cipher=CCMP
key_mgmt=WPA2-PSK
wpa_state=COMPLETED
ip_address=192.168.1.152
|
anyone have idea ?
best regards,
Mariusz |
|
| Back to top |
|
|
|
Networking & Security
