L'icône rouge permet de télécharger chaque page du wiki visitée au format PDF et la grise au format ODT →

Ceci est une ancienne révision du document !

Table des matières

Introduction
- Avertissement
Installation
Utilisation
Sources

wpa-supplicant : configuration wifi

Objet : Configuration d'un réseau WPA avec WPA Supplicant
Niveau requis :
avisé
Commentaires : Vous êtes en ligne de commande et voulez vous connecter à un réseau Wifi WPA.
Suivi :
à-tester,à-compléter
- Création par captnfab le 09/09/2013
- Testé par <…> le <…>
Commentaires sur le forum : ici¹⁾

Introduction

Vous avez un ordinateur portable, et vous connectez souvent de WiFi en WiFi. Le matin, c'est le WiFi de la maison, puis y'a le wifi de la station de métro, le wifi de la gare, le wifi du train (pour les veinards qui en ont un), le wifi du boulot, le wifi des clients, etc. Dans ce cas, vous faîtes déjà certainement du roaming, i.e. de l'itinérance, entre les différents points d'accès qui vous irradient au fil de votre route.

En mode graphique, on connaît bien NetworkManager et Wicd qui sont tous les deux capables de faire du roaming, c'est à dire de détecter les réseaux présents et de se connecter à ceux connus.

NetworkManager peut également être utilisé en mode console. Mais aujourd'hui, nous allons étudier wpasupplicant qui permet déjà de faire cela.

Avertissement

WPA Supplicant et NetworkManager peuvent entrer en conflit s'ils tentent tous deux de gérer la même interface.

Installation

apt-get install wpasupplicant

Utilisation

Tester wpa_supplicant

On supposera que wlan0 est votre interface wifi.

On commence par tuer tous les processus wpa_supplicant tournant :

pkill wpa_supplicant

On va, ensuite, lancer wpa_supplicant en mode debug dans un terminal :

wpa_supplicant -d -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf

wpa_supplicant v2.4
random: Trying to read entropy from /dev/random
Successfully initialized wpa_supplicant
Initializing interface 'wlan0' conf '/etc/wpa_supplicant/wpa_supplicant.conf' driver 'default' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' -> '/etc/wpa_supplicant/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant/wpa_supplicant.conf'
ctrl_interface='DIR=/var/run/wpa_supplicant GROUP=netdev'
update_config=1
rfkill: initial event: idx=0 type=1 op=0 soft=0 hard=0
nl80211: Supported cipher 00-0f-ac:1
nl80211: Supported cipher 00-0f-ac:5
nl80211: Supported cipher 00-0f-ac:2
nl80211: Supported cipher 00-0f-ac:4
nl80211: Using driver-based off-channel TX
nl80211: Supported vendor command: vendor_id=0x1018 subcmd=1
nl80211: Use separate P2P group interface (driver advertised support)
nl80211: Enable multi-channel concurrent (driver advertised support)
nl80211: use P2P_DEVICE support
nl80211: interface wlan0 in phy phy0
nl80211: Set mode ifindex 3 iftype 2 (STATION)
nl80211: Subscribe to mgmt frames with non-AP handle 0x1f278a0
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=040a
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=040b
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=040c
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=040d
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=090a
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=090b
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=090c
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=090d
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=0409506f9a09
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=7f506f9a09
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=0801
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=06
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=0a07
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=0a11
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=1101
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=1102
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f278a0 match=0505
netlink: Operstate: ifindex=3 linkmode=1 (userspace-control), operstate=5 (IF_OPER_DORMANT)
nl80211: driver param='(null)'
Add interface wlan0 to a new radio phy0
nl80211: Regulatory information - country=00
nl80211: 2402-2472 @ 40 MHz 20 mBm
nl80211: 2457-2482 @ 20 MHz 20 mBm (no IR)
nl80211: 2474-2494 @ 20 MHz 20 mBm (no OFDM) (no IR)
nl80211: 5170-5250 @ 80 MHz 20 mBm (no IR)
nl80211: 5250-5330 @ 80 MHz 20 mBm (DFS) (no IR)
nl80211: 5490-5730 @ 160 MHz 20 mBm (DFS) (no IR)
nl80211: 5735-5835 @ 80 MHz 20 mBm (no IR)
nl80211: 57240-63720 @ 2160 MHz 0 mBm
nl80211: Added 802.11b mode based on 802.11g information
wlan0: Own MAC address: b8:27:eb:e6:99:85
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=4 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=5 set_tx=0 seq_len=0 key_len=0
wlan0: RSN: flushing PMKID list in the driver
nl80211: Flush PMKIDs
wlan0: State: DISCONNECTED -> INACTIVE
TDLS: TDLS operation not supported by driver
TDLS: Driver uses internal link setup
TDLS: Driver does not support TDLS channel switching
wlan0: WPS: UUID based on MAC address: 60cae311-882e-53bf-8315-b2b6a452bd35
ENGINE: Loading dynamic engine
ENGINE: Loading dynamic engine
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
nl80211: Skip set_supp_port(unauthorized) while not associated
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
ctrl_interface_group=108 (from group name 'netdev')
wlan0: Added interface wlan0
wlan0: State: INACTIVE -> DISCONNECTED
nl80211: Set wlan0 operstate 0->0 (DORMANT)
netlink: Operstate: ifindex=3 linkmode=-1 (no change), operstate=5 (IF_OPER_DORMANT)
nl80211: Create interface iftype 10 (P2P_DEVICE)
nl80211: New P2P Device interface p2p-dev-wlan0 (0x9) created
Initializing interface 'p2p-dev-wlan0' conf '/etc/wpa_supplicant/wpa_supplicant.conf' driver 'nl80211' ctrl_interface 'DIR=/var/run/wpa_supplicant GROUP=netdev' bridge 'N/A'
Configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' -> '/etc/wpa_supplicant/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant/wpa_supplicant.conf'
ctrl_interface='DIR=/var/run/wpa_supplicant GROUP=netdev'
update_config=1
rfkill: initial event: idx=0 type=1 op=0 soft=0 hard=0
nl80211: Supported cipher 00-0f-ac:1
nl80211: Supported cipher 00-0f-ac:5
nl80211: Supported cipher 00-0f-ac:2
nl80211: Supported cipher 00-0f-ac:4
nl80211: Using driver-based off-channel TX
nl80211: Supported vendor command: vendor_id=0x1018 subcmd=1
nl80211: Use separate P2P group interface (driver advertised support)
nl80211: Enable multi-channel concurrent (driver advertised support)
nl80211: use P2P_DEVICE support
nl80211: interface p2p-dev-wlan0 in phy phy0
nl80211: Set mode ifindex 0 iftype 10 (P2P_DEVICE)
nl80211: Failed to set interface 0 to mode 10: -22 (Invalid argument)
nl80211: Subscribe to mgmt frames with non-AP handle 0x1f39390
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=040a
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=040b
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=040c
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=040d
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=090a
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=090b
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=090c
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=090d
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=0409506f9a09
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=7f506f9a09
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=0801
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=06
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=0a07
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=0a11
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=1101
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=1102
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x1f39390 match=0505
nl80211: Start P2P Device p2p-dev-wlan0 (0x9): Success
nl80211: driver param='(null)'
Add interface p2p-dev-wlan0 to existing radio phy0
nl80211: Regulatory information - country=00
nl80211: 2402-2472 @ 40 MHz 20 mBm
nl80211: 2457-2482 @ 20 MHz 20 mBm (no IR)
nl80211: 2474-2494 @ 20 MHz 20 mBm (no OFDM) (no IR)
nl80211: 5170-5250 @ 80 MHz 20 mBm (no IR)
nl80211: 5250-5330 @ 80 MHz 20 mBm (DFS) (no IR)
nl80211: 5490-5730 @ 160 MHz 20 mBm (DFS) (no IR)
nl80211: 5735-5835 @ 80 MHz 20 mBm (no IR)
nl80211: 57240-63720 @ 2160 MHz 0 mBm
nl80211: Added 802.11b mode based on 802.11g information
p2p-dev-wlan0: Own MAC address: 72:0b:d0:09:94:79
p2p-dev-wlan0: RSN: flushing PMKID list in the driver
nl80211: Flush PMKIDs
p2p-dev-wlan0: State: DISCONNECTED -> INACTIVE
p2p-dev-wlan0: WPS: UUID from the first interface: 60cae311-882e-53bf-8315-b2b6a452bd35
ENGINE: Loading dynamic engine
ENGINE: Loading dynamic engine
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
nl80211: Skip set_supp_port(unauthorized) while not associated
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED

Scanner les points d'accès disponibles

Dans un autre terminal, on va lancer l'interface commande wpa_cli :

wpa_cli -i wlan0

wpa_cli v2.4
Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi> and contributors
 
This software may be distributed under the terms of the BSD license.
See README for more details.
 
Interactive mode
 
>

A partir d'ici, on se retrouve dans l'interface commande de wpa_cli.
Le prompt > doit être affiché.

Lancer un scan des points d'accès :

> scan

OK
> 
<3>CTRL-EVENT-SCAN-STARTED 
> 
<3>CTRL-EVENT-SCAN-RESULTS 
> 
<3>WPS-AP-AVAILABLE

Afficher le résultat du scan :

> scan_results

bssid / frequency / signal level / flags / ssid
42:03:81:d1:d4:53	2457	-16	[WPA-EAP-CCMP][ESS]	FreeWifi_secure
42:03:81:d1:d4:50	2457	-16	[WPA-PSK-CCMP][ESS]	
42:03:81:d1:d4:51	2457	-17	[WPA2-PSK-CCMP][ESS]	
f4:ca:e5:92:3f:58	2422	-64	[WPA-PSK-CCMP][ESS]	Freebox-59C501
f4:ca:e5:92:3f:5a	2422	-64	[WPA2-EAP-CCMP+TKIP][ESS]	FreeWifi_secure
00:19:70:7c:1e:d5	2437	-85	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][WPS][ESS]	Livebox-9a79
42:03:81:d1:d4:52	2457	-16	[ESS]	FreeWifi
f4:ca:e5:92:3f:59	2422	-64	[ESS]	FreeWifi
06:19:70:7c:1e:d5	2437	-87	[ESS]	orange

> quit

Configuration initiale

cp /usr/share/doc/wpasupplicant/examples/wpa-roam.conf /etc/wpa_supplicant/wpa_supplicant.conf

chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf

Dans le fichier /etc/network/interfaces :

/etc/network/interfaces

allow-hotplug wlan0
iface wlan0 inet manual
  wpa-driver      wext
  wpa-roam        /etc/wpa_supplicant/wpa_supplicant.conf
 
# pas d'id_str, 'default' est utilisée comme interface par défaut.
iface default inet dhcp

Si vous n'arriviez pas à faire fonctionner votre carte avec le driver wext, vous pouvez essayer avec le driver nl80211 à la place.

Ajouter un réseau

wpa_passphrase votre-ssid votre-mot-de-passe >> /etc/wpa_supplicant/wpa_supplicant.conf

en remplaçant votre-ssid par le nom de votre réseau Wifi et votre-mot-de-passe par votre mot de passe.

Ceci va ajouter l'entrée suivante à la fin de votre /etc/wpa_supplicant/wpa_supplicant.conf :

/etc/wpa_supplicant/wpa_supplicant.conf

network={
	ssid="votre-ssid"
	#psk="votre-mot-de-passe"
	psk=360b2c805ecd920b79a370af532d2f7636bab7049ed2dc068c2dae17f5e1c38e
}

Pensez à effacer la ligne avec votre mot de passe en clair !

Fixer des paramètres particulier pour un réseau

Dans le fichier /etc/wpa_supplicant/wpa_supplicant.conf :

/etc/wpa_supplicant/wpa_supplicant.conf

network={
        ssid="wifi-maison"
        psk=123456789...
        # Cet id_str indiquera à /sbin/wpa_action de faire un 'ifup maison'
        id_str="maison"
}

Dans le fichier /etc/network/interfaces :

/etc/network/interfaces

# id_str="maison"
iface maison inet static
        address 192.168.0.20
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1

Redémarrer le wifi et chercher à se connecter à un réseau connu

Tapez la comande suivant dans un terminal root :

wpa_cli reconfigure

Vous devriez alors lire un message semblable à celui-ci :

Selected interface 'wlan0' 
OK

Sources

/usr/share/doc/wpasupplicant/README.Debian.gz
#debian@oftc.net (irc anglophone)

¹⁾

N'hésitez pas à y faire part de vos remarques, succès, améliorations ou échecs !

doc/reseau/wpasupplicant.1536862891.txt.gz · Dernière modification: 13/09/2018 20:21 par Beta-Pictoris

Debian-facile