Getting WPA working under Network Manager and RT73 [solved]

[paulsiu]

OK, here's compile RT61 and RT2570 as dotpets. Since I don't have either wireless, I am unable to test them. I assume that they will work similarly to rt73.

Note that both driver (if they work) will only work with the patched wpa_supplicant 0.58 that's in the first post. Neither driver will work with the unpatched wpa_supplicant.

If someone can test it and tell me if it works.

[tempestuous]

WAIT! Paul, those drivers appear to be the "beta" versions of the "enhanced legacy" source code.
This code is quite old and will almost certainly NOT work with wpa_supplicant.
When I first started trying to patch wpa_supplicant a few months ago, I read some posts on the rt2x00 forum which discussed a few "tweaks" to the code to fix wpa_supplicant compatibility. These tweaks can only be found in the latest CVS source code (CVS hourly tarball).

[paulsiu]

According to this page:

http://sourceforge.net/project/showfile ... _id=107832

The RT61 1.1.0-b2 beta was release on April 30, 2007, so it is not that old.

The RT2570 1.1.0-b2 on the other hand is from last 2006, so may be it is too old.

Paul

[tempestuous]

Sorry. I didn't notice the change from "b1" to "b2" version.
Yes, your rt61 driver should be fine ... except that you didn't include the firmware in your dotpet, but hopefully Puppy's modprobe wrapper script will associate the current rt61 firmware with the driver and copy it into place from the zdrv file.

I just checked the rt61-1.1.0-b2 README, and I see that the correct firmware location is the same as it was before: /etc/Wireless/RT61STA/

That's interesting, because the rt61-cvs version uses the conventional hotplug mechanism for firmware loading, and this requires that the firmware be located in /lib/firmware/

[tempestuous]

Paul, I have taken your revised network script, and changed it further - to remove the "Atheros" button.
I attached it to the 5th post in this thread. Details there.

[gwood34.5]

By an amazing coincidence, I was looking to upgrade my home network from wep to wpa-psk and a couple of my cards were using the original rt61. Worked for wep, didn't want to do wpa. Long story short, I got the recompiled rt61 and the recommended wpa-supplicant dotpets, installed them, spent some time playing with iw and if config commands, got associated and authorized, ran dhcpcd and all is working fine in Puppy 2.16.1.

I can post all the gory details if there is interest but mostly wanted to thank paulsiu for doing the compile for us, even though he did not have a card that needed it. Thank you and you got it right.

My card is an AirLink AWLH3026, the pciid is 1814:0301.

[tempestuous]

As a postscript to this exercise, I know that many people want and need a WiFi wizard.
Forum member friedsonjm provided this interesting info about the WiFi wizard in PCLinuxOS -

It identifies your hardware, suggests the driver, finds the wireless network, prompts for security info

I personally don't use wizards, but hacking this network script has given me some insights into what makes a wizard useable.
I see these areas of Puppy's Network wizard which I think could be refined -

1. When the wizard prompts the user to choose which detected network interface is to be configured, the interfaces are identified only by their network name: eth0/eth1/wlan0/ath0/ra0 etc
This may be confusing to a new user.
I think the wizard should identify whether the interface is LAN or WIRELESS.
This should (?) be possible by associating the network driver with the interface name. Example:

Puppy has identified these network interfaces on your computer
eth0 LAN "e100" driver
eth1 WIRELESS "ipw2200" driver

2. If the user chooses "WPA" encryption, the wizard should check whether the wifi module in use is WPA-compatible, and stop with a warning if the module is not compatible. For the record, these are the only WPA-compatible drivers -

hostap_cs/hostap_pci/hostap_plx
bcm43xx
ipw2100/ipw2200/ipw3945
ath_pci
rt61/rt73
r8180/r8187
ndiswrapper
zd1211/zd1211b

2. The WPA setup gives the user a choice of "Prism2-3", "Ralink", and "Other".
This seems to me a technical setting which should not be presented to the user at all. The wizard should set the wpa_supplicant -D parameter automatically, depending on what wifi module is in use.

I don't have the necessary scripting skills to effect these suggestions. I'm just putting in my 2 cents worth for anyone else interested in working on this.

[paulsiu]

That was my feeling in regards to the driver selection, too. However, I am guessing that there were problems with auto-detection.

[Dougal]

A couple of weeks ago I looked into associating the different network modules loaded with the different interfaces, but without any success...

I just looked around now and I think I found a way of doing it:

Code: Select all

for AINT in $INTERFACES
do
  AMOD=`readlink /sys/class/net/$AINT/device/driver`
  AMOD=${AMOD##*/}
done

The only question is how to integrate that info into the wizard GUI...


Another thing: the wizard has the following:

Code: Select all

PCI_ETHERNET_DEVICES="`cat /proc/pci | grep -i "ether" | cut -d: -f 2`"

/proc/pci doesn't exist for me. Either it's a kernel 2.4 file, or it lists only pcmcia cards.
A different way to get a list of pci network cards would be:

Code: Select all

PCI_ETHERNET_DEVICES="`scanpci | grep -iF 'ether' | cut -d'[' -f2 | tr -d ']'`"

scanpci could also be used to find the relevant card and see if there's a module loaded for it and interface assigned.

However, this seems like something long and messy that's pointless to do in Bash -- there should be some binary program that finds such info.


Which brings me to my main point: if people say that PCLinuxOS has a good wizard, why don't we steal it?!
Not necessarily the app itself (is it a script or a binary?), we need more info -- maybe they have some utils for finding info about the interfaces?

[paulsiu]

Sorry, I have been away for a bit.

tempestuous,

Since you have made changes to the script, can you make the change to the DotPet and uploaded to Barry? I have no idea how to do this yet. I was planning to do this earlier, but my laptop died and I had to get another one.



---

As for better scanning utility, it's not such a bad idea to look at other Linux distro and see if we can acquire better scanning techniques. This is after all what opensource is for.

If I have some time, I'll take a look at it. Right now, I am weeks away from my wedding, so things are a bit hectic at the moment.

Paul

[tempestuous]

Paul, the revised dotpet is already attached to the 5th post in this thread, but maybe I should now post it as a .tar.gz on the Developer Forum.

[Dougal]

I've ported the net-setup script to gtkdialog3 and added use of gtk-stock icons.

Any ideas of things that might need modifying or adding?

[paulsiu]

Some nice to have feature in the future would be:

1. The ability to get a list of scan address in the area and then selected it and let it generate a profile (automatically use open, WEP, or WPA). Right now, that feature doesn't work all that well.

2. Allow you to build a priority list, so that if a particular ssid appear, we'll attach to that first. Suppose you come home to your house and turn on your computer, and you are surrounded by your neighbor's signal, you should be able to connect to yours first.

[tempestuous]

Dougal, I just noticed that you modified the net-setup.sh script. That's good, but it links to wag-profiles.sh, which is the script that Paul and I have been working on. Could you give this script the gtkdialog3 treatment as well?

And the net-setup.sh script also links to ndiswrapperGUI.sh ... but this uses Xdialog. Can this be changed easily?

[tempestuous]

PaulBx1 asked about WPA2 on the Developer Forum. wpa_supplicant has always supported WPA2, but the Wizard does not (currently) accommodate this mode. In fact wpa_supplicant supports many variations of WPA encryption, but rarsa originally wrote the Wizard to set up only the most common and basic form of WPA encryption: WPA-PSK/TKIP.

To set up any of the other forms of WPA encryption it's necessary to put the correct information into the configuration file, /etc/wpa_supplicant.conf
The latest dotpet version of wpa_supplicant, available here -
http://www.murga-linux.com/puppy/viewto ... 186#121186
includes /etc/wpa_supplicant.conf-examples which will show you many different configurations.
I don't have experience with any of these other configurations, but from reading the documentation I think the only thing in the current /etc/wpa_supplicant.conf which needs to be changed for WPA2 is -

proto=RSN

Though, depending on the settings of the particular wifi router, there are 2 other settings which might need to be changed -

pairwise=CCMP
group=CCMP

[PaulBx1]

tempestuous, I was looking at this example file:

http://tinyurl.com/2qe9w7

I agree with the three selections you have found. However it is interesting that if proto is simply not set, it defaults to "WPA RSN"; if pairwise is not set it defaults to "CCMP TKIP"; if group is not set it defaults to "CCMP TKIP WEP104 WEP40". From what little I know, I don't think we should take these defaults. Instead, in the wizard we should do the following in the current WPA code:

1) Change all references on buttons and such from "WPA" to "WPA/WPA2"
2) Set proto to "RSN WPA"
3) Set pairwise to "CCMP TKIP"
4) Set group to "CCMP TKIP"

The idea here is to use the ability to chose the best possible parameter in each case (the first match from left to right is the one selected), when WPA/WPA2 is selected.

Hmmm, now that I think of it, maybe this won't work. When setting APs for example, you may only be able to enter one thing, not two or more. Depends on the software... And there is the added difficulty in documenting what is going on with these settings. So instead we should have a whole new option (other than WEP and WPA): WPA2. It should have proto=RSN, pairwise=CCMP and group=CCMP just as you said.

I was going to try fiddling with a copy of the wizard to do this, but the code there is greek to me.

[tempestuous]

PaulBx1, your suggestions are good. According to the documentation multiple parameters can be specified, but I would reverse the parameters you suggested, because we need to ensure that the most basic setup is the default, so -

proto=WPA RSN
pairwise=TKIP CCMP
group=TKIP CCMP

Dougal is currently revising the Network Wizard, but we can't just add configuration changes until such changes have been tested.
Can you modify your /etc/wpa_supplicant.conf with these settings and test with a WPA2 router?

[PaulBx1]

Ah, I get your point: let the router setting control what is used, and older routers will know WPA but maybe get confused with WPA2 being tried on them. So we can have the wizard tell the user something like, "Set your AP or router to use either WPA2 (preferred) or WPA protocol, with CCMP (preferred) or TKIP encryption. Only TKIP is supported in WPA protocol." Or something to that effect.

I do have a WPA2 router; I will try it today. All 3 legal combinations (WPA2/CCMP, WPA2/TKIP, WPA/TKIP).

One other recommendation; apparently WPA2 is an alias for RSN in wpa-supplicant.conf. Let's use WPA2 as it is clearer. I will try that too.

Can I do this with standard Puppy 2.16.1 wpa_supplicant?

[PaulBx1]

OK, with standard Puppy 2.16.1 I modified /etc/wpa_supplicant.conf to have this:

Code: Select all

	proto=WPA WPA2
	key_mgmt=WPA-PSK
	pairwise=TKIP CCMP
	group=TKIP CCMP

The linksys router I changed to WPA2 using what they call "AES" (my choices being limited to "AES" or "TKIP+AES"). Works fine!

I'm again thinking CCMP should be first in the list, because if someone with a linksys router selects "TKIP+AES" he is going to end up with the inferior TKIP encryption (if TKIP is placed first in the list). Other routers also probably give this same choice. Note: since the default for pairwise is "CCMP TKIP", it's likely all routers will be able to handle it properly even if they are WPA only.

I did try putting WPA2 before WPA and CCMP before TKIP, leaving the router as it was, and that worked fine too.

I think the wizard should tell the user this: "Set your AP or router to use either WPA2 (preferred) or WPA protocol, with CCMP (preferred) or TKIP cyphers. Note, only TKIP is supported in WPA protocol. Some routers refer to CCMP as AES."

[PaulBx1]

Woops, never mind!

I set the router to WPA using TKIP. Guess what, when set up for WPA2 it can handle a list of protocols and cyphers, but set up for WPA it gets really dumb! It couldn't connect whether I put WPA2 and CCMP first, or WPA and TKIP first. It only connects when I only have WPA and TKIP in the list, period.

So that's telling me, we can forget the list. We need to have separate buttons, one for setting up WPA and the other for setting up WPA2.