Как настроить WiFi
На этой странице расписано как конфигурировать WiFi интерфейс в Debian.
Contents
Если ваше устройство имеет беспроводной интерфейс (контролируемый утилитой iwconfig), он должен быть конфигурирован для подключения к интернету. Если у вас отсутствует интерфейс для устройства, пожалйуста посетите WiFi для получения информации о установке драйвера.
Беспроводной интерфейс может быть настроен с помощью менеджера соединения (например, NetworkManager) или через /etc/network/interfaces с помощью специальных утилит (например, wpa_supplicant). Настройки NetworkManager и wpa_supplicant приведены ниже.
Алгоритм WEP небезопасен, устарел после появления WPA. Использование WEP не рекоменовано и не описано в данной статье.
NetworkManager
NetworkManager настраивается через через графический интерфейс, доступный для GNOME и KDE. Интерфейс не должен быть настроен в файле /etc/network/interfaces.
!Также NetworkManager является интерфейсом для wpa_supplicant.
GNOME
Ensure your user account is a member of the netdev group.
Install the network-manager-gnome package:
$ su # aptitude update # aptitude install network-manager-gnome
- Log out of GNOME, then log back in to your system.
- A new applet (computer icon) will appear in the notification area / system tray. Left-click this icon to present the nm-applet pop-up menu.
- Neighboring wireless networks with a broadcasted SSID should be listed:
- Click on the desired network's name.
- If the network uses WPA encryption with a password (aka passphrase/pre-shared key), you will be prompted to enter it. After providing, click the "Connect" button.
- The wireless network connection will be activated.
- Click "Connect to Other Wireless Network...".
- Enter the network's SSID at "Network Name".
- If encryption is used, select the method from the "Wireless Security" drop-down list (usually "WPA Personal" or "WPA2 Personal").
- Enter the passphrase/pre-shared key at "Password".
- Click the "Connect" button to activate the wireless network connection.
See the NetworkManager page for frequently asked questions, documentation and support references.
KDE
Ensure your user account is a member of the netdev group.
Install the network-manager-kde package:
$ su # aptitude update # aptitude install network-manager-kde
- From the K Menu, select "Run Command". Enter "knetworkmanager" and click "Run".
- A new applet (wallplug/socket icon) will appear in the system tray. Right-click this icon to present the KNetworkManager pop-up menu.
- Neighboring wireless networks with a broadcasted SSID should be listed:
- Click on the desired network's name.
- If the network uses WPA encryption with a password (aka passphrase/pre-shared key), you will be prompted to enter it. After providing, click the "Connect" button.
- The wireless network connection will be activated.
- Click "Connect to Other Wireless Network...".
- Enter the network's name in "Name (ESSID)".
- Tick "Use Encryption" if in use on the network.
- Select the encryption method used (usually "WPA Personal").
- Enter the passphrase/pre-shared key at "Password".
- Select "WPA 1" or "WPA 2" for the protocol version, as used by the network.
- Click the "Connect" button to activate the wireless network connection.
See the NetworkManager page for frequently asked questions, documentation and support references.
Other GUI
The network-manager-kde package will work for icewm and Xfce too
wicd - for Xfce, LXDE, Fluxbox
wicd (Wireless Interface Connection Daemon) is an alternative to NetworkManager. It is environment independent, making it a perfect replacement for other desktop environments (e.g. Xfce, LXDE, Fluxbox, etc.). Like NetworkManager, wicd is configured via a graphical interface. Your wireless interface should not be referenced within Debian's /etc/network/interfaces file.
Lenny users: wicd is not included in Lenny, but is available as a backported package. Configure /etc/apt/sources.list as explained in the Backports page before continuing.
Update the list of available packages and install the wicd package:
$ su # aptitude update # aptitude install wicd
Amend /etc/network/interfaces to contain only the following:
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback
If not already performed, add your regular user account to the netdev group and reload DBus:
# adduser yourusername netdev # /etc/init.d/dbus reload
Start the wicd daemon:
# /etc/init.d/wicd start
Start the wicd GUI with your regular user account:
# exit $ wicd-client -n
See also wicd frequently asked questions.
wpa_supplicant
wpa_supplicant is a WPA client and IEEE 802.1X supplicant.
The wpasupplicant package provides wpa-* ifupdown options for /etc/network/interfaces. If these options are specified, wpa_supplicant is started in the background when your wireless interface is raised and stopped when brought down.
GNOME and KDE users shouldn't configure wpa_supplicant manually. Use NetworkManager as explained above.
Before continuing, install the wpasupplicant package:
$ su # aptitude update # aptitude install wpasupplicant
WPA-PSK and WPA2-PSK
Also known as "WPA Personal" and "WPA2 Personal" respectively.
Restrict the permissions of /etc/network/interfaces, to prevent pre-shared key (PSK) disclosure:
# chmod 0600 /etc/network/interfaces
Open /etc/network/interfaces in a text editor:
# sensible-editor /etc/network/interfaces
Define appropriate stanzas for your wireless interface, along with the SSID and PSK. For example:
auto wlan0 iface wlan0 inet dhcp wpa-ssid mynetworkname wpa-psk mysecretpassphrase
The "auto" stanza will bring your interface up at system startup. If not desired, remove or comment this line.- Save the file and exit the editor.
Bring your interface up. This will start wpa_supplicant as a background process.
# ifup wlan0
Additional wpa-* options are described within /usr/share/doc/wpasupplicant/README.modes.gz. This should also be read if connecting to a network not broadcasting its SSID.
For general /etc/network/interfaces information, see the interfaces(5) man page.
WPA-EAP
For networks using EAP-TLS, you are required to establish a wpa_supplicant configuration file and provide the client-side certificate. An example WPA2-EAP configuration file can be found at /usr/share/doc/wpasupplicant/examples/wpa2-eap-ccmp.conf.
Once available, reference your configuration file in /etc/network/interfaces. For example:
auto wlan0 iface wlan0 inet dhcp wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
More information can be found in the wpa_supplicant.conf(5) man page. A fully-commented wpa_supplicant configuration file example is at /usr/share/doc/wpasupplicant/README.wpa_supplicant.conf.gz.
Switching Connections
To switch between multiple distinct configurations:
GNOME users should use "Menu System > Administration > Network". (n.b. this doesn't work in etch)
- Console users can
use logical interfaces, as
iface wlan_home inet dhcp wpa-ssid mynetworkname wpa-psk mysecretpassphrase
# ifup wlan0=wlan_home
use ifscheme, see the example configuration at alwayssunny.com.
Security consideration
Every member of a network can listen to other members' traffic. (whether it's an unencrypted public hot-spot, or a WEP/WPA/WPA2, or LAN). Use SSL/TLS protocols (https, imaps...) or VPN to preserve your privacy.
- WEP is so insecure that it is basically equivalent to not using any encryption at all.
WPA 1 is deprecated. Use WPA2 instead.
Make sure you use strong pass-phrase.
Network security, see: http://www.aircrack-ng.org/doku.php?id=tutorial.
See Also
WiFi/AdHoc - Establishing a WiFi network without an access point.