Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

openrc, wpa supplicant and wired 802.1X
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
cova
n00b
n00b


Joined: 12 Apr 2010
Posts: 26
PostPosted: Tue Dec 07, 2010 1:42 pm    Post subject: openrc, wpa supplicant and wired 802.1X Reply with quote
Hi all,
I'm facing a quite complex issue so I don't know how to start to handle it.
Scenario:
I'm usign a laptop that has both wireless and wired connections. In my
office I need to connect with wired 802.1X authentication, thus using
wpa_supplicant for eth0. I can also use wireless network, WPA2/EAP.
Moreover, out of office It happens that I can use plain wired
connection or all flavours of wireless connections (open, WPA, WPA2,
etc...)

I still have to find a correct setup to manage this situation seamlessly.
- issue one: I've tried to put in /etc/init.d/net wpa_supplicant
module for both wlan0 and eth0 but eth0 seems ignored (in
wpa_supplicant command line seen with ps I can't see eth0 device, only
wlan0
- workaround: I added a second wpa_supplicant conf file with eth0
connection parameters, but to use it I have to kill the wpa_supplicant
fired up by openrc and star a new one, with both conf for supplicant
(eth0 and wlan0). this is utterly cumbersome.
- another issue: if i keep rf kill on, thus preventing wlan0 to work,
because I plan to connect using wpa on eth0 interface, I can't fire up
wpa_supplicant with init scripts as it fails wit "rfkill on, error"
that is the wrong behaviour. Basically it seems that the init scripts
are not aware of a situation where both wired and wireless interfaces
needs to be managed by wpa_supplicant.

Do you have any hint about how to solve this or can you suggest some
link to study? many thanks in advance.
Back to top
View user's profile Send private message
fturco
Veteran
Veteran


Joined: 08 Dec 2010
Posts: 1181
PostPosted: Fri Dec 10, 2010 6:10 am    Post subject: Reply with quote
please post the content of both /etc/wpa_supplicant/wpa_supplicant.conf and /etc/conf.d/net (remove any password, of course).
Back to top
View user's profile Send private message
cova
n00b
n00b


Joined: 12 Apr 2010
Posts: 26
PostPosted: Mon Dec 13, 2010 11:13 am    Post subject: Reply with quote
fturco wrote:
please post the content of both /etc/wpa_supplicant/wpa_supplicant.conf and /etc/conf.d/net (remove any password, of course).


ok; /etc/conf.d/net is fairly simple:

modules_wlan0="wpa_supplicant netplugd"
modules_eth0="wpa_supplican netplugd"

I've tried also
modules_wlan0="wpa_supplicant netplugd"
modules_eth0="netplugd"


wpa_supplicant is the following:
===============
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=2
ap_scan=0
update_config=1
country=IT

network={
ssid="ssid1"
psk="pwd"
proto=RSN
key_mgmt=WPA-PSK
pairwise=TKIP
auth_alg=OPEN
}

network={
ssid="ssid2"
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP
auth_alg=OPEN
eap=PEAP
identity="id"
disabled=1
}

network={
ssid="ssid3"
psk="pwd3"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP
auth_alg=OPEN
disabled=1
}

network={
ssid=""
key_mgmt=IEEE8021X
auth_alg=OPEN
eap=PEAP
identity="id1"
password="pwd3"
eapol_flags=0
disabled=1
}
===============


Then I've tried another way, that means a wpa_supplicant started by /etc/init.d/wpa_supplicant start (killing the wpa_supplicant started by normal init.d), providing a different command line in /etc/conf.d/wpa_supplicant:

/usr/sbin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant_wired.conf -i eth0 -Dwired -B -c/etc/wpa_supplicant/wpa_supplicant.conf


basically I've the following file:

# conf.d file for wpa_supplicant
#
# Please check man 8 wpa_supplicant for more information about the options
# wpa_supplicant accepts.
#
wpa_supplicant_args="-c/etc/wpa_supplicant/wpa_supplicant_wired.conf -i eth0 -Dwired"

wpa_supplicant_wired.conf is here:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
network={
ssid=""
key_mgmt=IEEE8021X
eap=PEAP
identity="id"
password="pwd"
eapol_flags=0
}




As you can see I've not a good solution and it requires some tweaking each time i turn on the pc, but I can't fnd a correct way to configure the network init scripts to manage with supplicant bot wired and wireless connections.

Thanks for any help.
Back to top
View user's profile Send private message
ewaller
Apprentice
Apprentice


Joined: 11 Aug 2005
Posts: 264
Location: Pasadena, CA
PostPosted: Mon Dec 13, 2010 5:10 pm    Post subject: Reply with quote
Is there a reason for not using something like NetworkManager or wicd ??
_________________
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Back to top
View user's profile Send private message
cova
n00b
n00b


Joined: 12 Apr 2010
Posts: 26
PostPosted: Mon Dec 13, 2010 5:40 pm    Post subject: Reply with quote
ewaller wrote:
Is there a reason for not using something like NetworkManager or wicd ??


Well, my question was about wpa_supplicant and init scripts, so you could have answered me in the same way "is there a reason for not using windows??" Maybe yes, maybe not, but that was not my question :)

Anyway, I've tested network manager (some months ago) and found it cumbersome and not well suited for my needs. Maybe I'll retry it, as well as wicd; my requirements are

- two interfaces managed at the same moment
- unattended network startup (init scripts)
- no gui required for connection
- management of plugging/unplugging of the cable/rfkill

So far wpa_supplicant started at init script level seems to be the best approach and moreover nothing in documentation says that it's not possible. If I can avoid to install other net managers I will be more than happy.
Back to top
View user's profile Send private message
ewaller
Apprentice
Apprentice


Joined: 11 Aug 2005
Posts: 264
Location: Pasadena, CA
PostPosted: Mon Dec 13, 2010 6:57 pm    Post subject: Reply with quote
cova wrote:
Well, my question was about wpa_supplicant and init scripts, so you could have answered me in the same way "is there a reason for not using windows??" Maybe yes, maybe not, but that was not my question :)


Yeah, I understand. I actually dislike it when responders suggest that you abandon what it is you are trying to do and tell you how well their (different) way works and that you should use it. I thought about that before I posted. In reading your OP, I took it that you had a problem and and presented your how you were trying to solve it, but that were not necessarily married to it yet. I just wanted to ensure you had not overlooked an alternative method. :)
_________________
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy