Differences between revisions 11 and 12
Revision 11 as of 2006-12-28 21:15:20
Size: 5417
Editor: ?ReinhardTartler
Comment: 0.5 wpa_supplicant package have entered etch
Revision 12 as of 2007-02-15 23:44:41
Size: 6100
Editor: ?erichaase
Comment:
Deletions are marked like this. Additions are marked like this.
Line 54: Line 54:
=== But I do want to use the roaming feature of wpasupplicant! === === But I want to use the roaming feature of wpasupplicant! ===
Line 56: Line 56:
wpasupplicant can be used as a roaming daemon. You have 2 options to exploit this possibility: wpasupplicant can be used as a roaming daemon and you have 3 options to exploit this possibility:
Line 58: Line 58:
==== Use it as system service and make ifplugd to "activate the interface" ====
[http://packages.debian.org/src:ifplugd ifplugd] has support for wireless networking: Whenever an association to an AP is detected the network will be configured using ifupdown.
This approach assumes that wpasupplicant runs as system service and ifupdown can safely activate a network alias. For detecting the 'correct' alias you can use the [http://packages.debian.org/src:guessnet guessnet] package.

==== Action Scripts ====

wpa_supplicant can call 'hooks' (["WPA/ActionScripts"]) when it enters or leaves a location. This is the ideal place to configure the interface e.g. with the [http://packages.debian.org/src:whereami whereami] package. Just configure whereami and call it with ''whereami --hint $IFACE'' from the action script.

See also wpa_action(8) for an alternative system, where an action script is spawned that controls ifupdown according to action events.
 1. '''Having /etc/network/interfaces handle wpa_supplicant's networks (Etch)''': Within wpa_supplicant.conf, you can assign a value to the 'str_id' variable for each network={...} block in order to uniquely identify that network. The value of this variable can then be used within /etc/network/interfaces to have each wpa_supplicant network activated/configured after a successful connection to an access point. If the 'str_id' variable is not explicitly assigned a value in wpa_supplicant.conf then the variable defaults to 'default'. The following will activate/configure each network in wpa_supplicant.conf with DHCP upon a successful access point connection:
 iface default inet dhcp
 2. '''
Use it as system service and make ifplugd to "activate the interface"''': [http://packages.debian.org/src:ifplugd ifplugd] has support for wireless networking: Whenever an association to an AP is detected the network will be configured using ifupdown. This approach assumes that wpasupplicant runs as system service and ifupdown can safely activate a network alias. For detecting the 'correct' alias you can use the [http://packages.debian.org/src:guessnet guessnet] package.
 3. '''Action Scripts''': wpa_supplicant can call 'hooks' (["WPA/ActionScripts"]) when it enters or leaves a location. This is the ideal place to configure the interface e.g. with the [http://packages.debian.org/src:whereami whereami] package. Just configure whereami and call it with ''whereami --hint $IFACE'' from the action script. See also wpa_action(8) for an alternative system, where an action script is spawned that controls ifupdown according to action events.

WPA support in Debian

This package gives an overview of the status on wpa support in Debian. The [http://packages.debian.org/wpasupplicant wpasupplicant] package is [http://packages.qa.debian.org maintained] by the following people:

  • ?KyleMcMartin

  • ?KelModderman

  • ?ReinhardTartler

You can join development discussions in our [http://lists.alioth.debian.org/mailman/listinfo/pkg-wpa-devel mailing list] on [http://alioth.debian.org/projects/pkg-wpa/ alioth], where we discuss [http://bugs.debian.org/src:wpasupplicant bugs] and future developemnts.

The wpasupplicant_0.5.3 package drops support for madwifi-old drivers. Please upgrade to the current madwifi driver. See below for details

What is WPA

Wi-Fi Protected Access, a wireless encryption standard and alternative to "Wired Equivalent Privacy" (WEP) is well described by [http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access wikipedia]. In order to secure your wireless network you need a WPA enabled access point, and a supplicant, like wpasupplicant installed on your computer.

wpasupplicant in Debian 3.1 (sarge)

In sarge, the wpasupplicant package was configured as system service. This means that you have to edit wpasupplicant parameters like the interface to be managed the ["WPA/DriverBackend"] to /etc/default/wpasupplicant, and provide a suitable /etc/wpasupplicant.conf yourself.

Debian sarge includes [http://packages.debian.org/stable/source/wpasupplicant wpasupplicant 0.3.8]. This branch is currently still supported by upstream, but the recommended branch is the 0.4.x one. You can get an updated package from http://backports.org. Please note that the package from backports.org is based on the 'etch' package, so please read the notes below.

wpasupplicant in Debian testing/unstable (Codename "etch")

In etch, the system service /etc/init.d/wpasupplicant was dropped. The debian package provides integration to /etc/network/interfaces just like the [http://packages.debian.org/wireless-tools wireless-tools package]. This means the wpasupplicant package does no longer provide a system service wpasupplicant itself!

For information how to configure wpasupplicant please refer to [http://svn.debian.org/wsvn/pkg-wpa/trunk/wpasupplicant/debian/README.modes?op=file&rev=0&sc=0 README.modes] (from svn.debian.org), which gives examples for /etc/network/interfaces files.

Upgrade Issues

MadWifi users beware!

The wpasupplicant package in debian 4.0 supports only the so called "madwifi-ng" version of madwifi. Please watch /usr/share/doc/wpasupplicant/NEWS.Debian.gz for information on how to enable support for madwifi-old.

Please also visit the debian pages on the [http://madwifi.org/wiki/UserDocs/Distro/Debian madwifi.org] wiki for information on where to obtain madwifi drivers and support for its use on Debian. The people to consult are [http://madwifi.org/wiki/UserDocs/Distro/Debian#Contact mentioned here].

Upgrading wpasupplicant from a package version <0.4.8-1 will break your setup!

This will happen unless

  1. you are not using the init script and
  2. you are not using /etc/wpa_supplicant.conf.

To restore the old behavior you can either install the init script yourself (Read the [http://svn.debian.org/wsvn/pkg-wpa/trunk/wpasupplicant/debian/NEWS?op=file&rev=0&sc=0 instructions] for this), or use a package which uses wpasupplicant to provide such a system service (note, that such a package doesn't seem to exist at the moment).

Why

We want to improve WPA secured networking and location roaming support in debian. The system service makes it hard to integrate support for packages like [http://packages.debian.org/src:network-manager NetworkManager], which start instances of wpasupplicant themselves. We no longer bother with the system service approach in the basic package itself, but delegate this task to more specialised packages. Therefore the wpasupplicant package provides only basic integration for easy (read: non roaming) cases.

Moreover this approach makes it easier to support more than one interface: Just configure them in /etc/network/interfaces.

But I want to use the roaming feature of wpasupplicant!

wpasupplicant can be used as a roaming daemon and you have 3 options to exploit this possibility:

  1. Having /etc/network/interfaces handle wpa_supplicant's networks (Etch): Within wpa_supplicant.conf, you can assign a value to the 'str_id' variable for each network={...} block in order to uniquely identify that network. The value of this variable can then be used within /etc/network/interfaces to have each wpa_supplicant network activated/configured after a successful connection to an access point. If the 'str_id' variable is not explicitly assigned a value in wpa_supplicant.conf then the variable defaults to 'default'. The following will activate/configure each network in wpa_supplicant.conf with DHCP upon a successful access point connection: iface default inet dhcp

  2. Use it as system service and make ifplugd to "activate the interface": [http://packages.debian.org/src:ifplugd ifplugd] has support for wireless networking: Whenever an association to an AP is detected the network will be configured using ifupdown. This approach assumes that wpasupplicant runs as system service and ifupdown can safely activate a network alias. For detecting the 'correct' alias you can use the [http://packages.debian.org/src:guessnet guessnet] package.

  3. Action Scripts: wpa_supplicant can call 'hooks' (["WPA/ActionScripts"]) when it enters or leaves a location. This is the ideal place to configure the interface e.g. with the [http://packages.debian.org/src:whereami whereami] package. Just configure whereami and call it with whereami --hint $IFACE from the action script. See also wpa_action(8) for an alternative system, where an action script is spawned that controls ifupdown according to action events.