SOLVED - [kind of] 3.0 Shared Key Wireless Error

[tempestuous]

it seems that the connection wizard is still not mature yet for that purpose.

No, that assumption is likely to be wrong.
Since the wpa_supplicant command is failing when run separately, then the Wizard is not at fault.

There are a few instances on the forum of modules failing to load the other modules they depend on, so this is suspect.
I also see that the "insmod" command is faulty, this could have a bearing.
And there are instances of wifi modules failing to load properly early in the boot sequence.

All of these problems require investigation.

[peterw]

Hi,

Sorry about the delay in responding, I am away from home for a few days.
Thanks for the suggestions and pointing out my errors. I am trying to type the correct code. So far I have tried all the ideas without success.

To further the process, I have booted a PCLinux CD which acquires the network connection during the boot process. I have copied the lsmod for it and the wpa_supplicant file (although most it is #ed out and merely instruction). It is shorter than the one in Puppy.

I have also copied Puppy's lsmod before and after modprobeing the encryption modules.

I have also copied Puppy's response to the commands you asked me to try. I hope I have typed them correctly.

Thanks

C Linux Live CD wirelessly connected to NETGEAR DG834G WPA enabled
[root@localhost root]# lsmod
Module Size Used by
wlan_tkip 12224 2
wlan_wep 6784 0
wlan_scan_sta 13792 1
ath_rate_sample 12992 1
ath_pci 96480 0
wlan 204100 6 wlan_tkip,wlan_wep,wlan_scan_sta,ath_rate_sample,ath_pci
ath_hal 191728 3 ath_rate_sample,ath_pci
af_packet 22120 4
snd_seq_dummy 3908 0
snd_seq_oss 32512 0
snd_seq_midi_event 7616 1 snd_seq_oss
snd_seq 52272 5 snd_seq_dummy,snd_seq_oss,snd_seq_midi_event
snd_seq_device 8268 3 snd_seq_dummy,snd_seq_oss,snd_seq
ipv6 257888 12
snd_pcm_oss 43072 0
snd_mixer_oss 16608 1 snd_pcm_oss
snd_hda_intel 19320 1
snd_hda_codec 163072 1 snd_hda_intel
snd_pcm 76868 3 snd_pcm_oss,snd_hda_intel,snd_hda_codec
snd_timer 22884 2 snd_seq,snd_pcm
snd_page_alloc 10152 2 snd_hda_intel,snd_pcm
snd 52708 11 snd_seq_oss,snd_seq,snd_seq_device,snd_pcm_oss,snd_mixer_oss,snd_hda_intel,snd_hda_codec,snd_pcm,snd_timer
soundcore 9824 1 snd
binfmt_misc 11912 1
dm_mirror 21616 0
dm_mod 56440 1 dm_mirror
nvram 9000 0
martian_dev 19156 0
mmc_block 8136 0
sdhci 18476 0
mmc_core 24448 2 mmc_block,sdhci
8250_pci 21120 0
ohci1394 35152 0
ieee1394 297848 1 ohci1394
bttv 172308 0
video_buf 25220 1 bttv
ir_common 28196 1 bttv
compat_ioctl32 1472 1 bttv
i2c_algo_bit 9288 1 bttv
btcx_risc 5096 1 bttv
tveeprom 15056 1 bttv
i2c_core 21376 3 bttv,i2c_algo_bit,tveeprom
videodev 24960 1 bttv
v4l1_compat 14148 1 videodev
v4l2_common 23328 2 bttv,videodev
capability 5000 0
commoncap 7360 1 capability
usbmouse 5696 0
joydev 9920 0
cpufreq_ondemand 6956 0
cpufreq_conservative 7592 0
cpufreq_powersave 1920 0
powernow_k8 14880 0
freq_table 4960 1 powernow_k8
processor 28776 1 powernow_k8
evdev 9888 2
amd64_agp 12644 0
agpgart 32424 1 amd64_agp
usbhid 51712 0
pcmcia 37580 0
firmware_class 10112 2 bttv,pcmcia
yenta_socket 26700 1
rsrc_nonstatic 13792 1 yenta_socket
pcmcia_core 40244 3 pcmcia,yenta_socket,rsrc_nonstatic
aufs 105092 1
usb_storage 80704 0
ehci_hcd 32488 0
ohci_hcd 20516 0
uhci_hcd 23784 0
usbcore 127364 7 usbmouse,usbhid,usb_storage,ehci_hcd,ohci_hcd,uhci_hcd
3w_xxxx 27168 0
mptscsih 23968 0
sx8 18796 0
tmscsim 22784 0
sata_vsc 9156 0
sata_via 10532 0
sata_uli 8100 0
sata_sx4 14532 0
sata_svw 8452 0
sata_sis 8644 0
sata_sil 11912 1
sata_qstor 10180 0
sata_promise 12484 0
sata_nv 11364 0
dmx3191d 12992 0
BusLogic 71380 0
aic7xxx 172084 0
ahci 16900 0
squashfs 48452 1
mptbase 51488 1 mptscsih
scsi_transport_spi 24448 2 dmx3191d,aic7xxx
sd_mod 21216 2
sg 34840 0
ata_piix 14472 0
libata 100820 12 sata_vsc,sata_via,sata_uli,sata_sx4,sata_svw,sata_sis,sata_sil,sata_qstor,sata_promise,sata_nv,ahci,ata_piix
sr_mod 17572 0
scsi_mod 134600 13 usb_storage,3w_xxxx,mptscsih,tmscsim,dmx3191d,BusLogic,aic7xxx,ahci,scsi_transport_spi,sd_mod,sg,libata,sr_mod
loop 16328 2
ide_cd 39712 1
cdrom 36928 2 sr_mod,ide_cd
isofs 35484 1
nls_utf8 2208 0
ntfs 269948 0
vfat 13280 0
msdos 9792 0
fat 53148 2 vfat,msdos
reiserfs 256676 0
ext3 135016 0
jbd 57576 1 ext3
nls_cp437 5952 0
nls_iso8859_2 4864 0
nls_iso8859_1 4288 1
[root@localhost root]#


wpa_supplicant.conf from PCLinux

##### Example wpa_supplicant configuration file ###############################
#
# This file describes configuration file format and lists all available option.
# Please also take a look at simpler configuration examples in 'examples'
# subdirectory.
#
# Empty lines and lines starting with # are ignored

# NOTE! This file may contain password information and should probably be made
# readable only by root user on multiuser systems.

# Note: All file paths in this configuration file should use full (absolute,
# not relative to working directory) path in order to allow working directory
# to be changed. This can happen if wpa_supplicant is run in the background.

# Whether to allow wpa_supplicant to update (overwrite) configuration
#
# This option can be used to allow wpa_supplicant to overwrite configuration
# file whenever configuration is changed (e.g., new network block is added with
# wpa_cli or wpa_gui, or a password is changed). This is required for
# wpa_cli/wpa_gui to be able to store the configuration changes permanently.
# Please note that overwriting configuration file will remove the comments from
# it.
#update_config=1

# global configuration (shared by all network blocks)
#
# Parameters for the control interface. If this is specified, wpa_supplicant
# will open a control interface that is available for external programs to
# manage wpa_supplicant. The meaning of this string depends on which control
# interface mechanism is used. For all cases, the existance of this parameter
# in configuration is used to determine whether the control interface is
# enabled.
#
# For UNIX domain sockets (default on Linux and BSD): This is a directory that
# will be created for UNIX domain sockets for listening to requests from
# external programs (CLI/GUI, etc.) for status information and configuration.
# The socket file will be named based on the interface name, so multiple
# wpa_supplicant processes can be run at the same time if more than one
# interface is used.
# /var/run/wpa_supplicant is the recommended directory for sockets and by
# default, wpa_cli will use it when trying to connect with wpa_supplicant.
#
# Access control for the control interface can be configured by setting the
# directory to allow only members of a group to use sockets. This way, it is
# possible to run wpa_supplicant as root (since it needs to change network
# configuration and open raw sockets) and still allow GUI/CLI components to be
# run as non-root users. However, since the control interface can be used to
# change the network configuration, this access needs to be protected in many
# cases. By default, wpa_supplicant is configured to use gid 0 (root). If you
# want to allow non-root users to use the control interface, add a new group
# and change this value to match with that group. Add users that should have
# control interface access to this group. If this variable is commented out or
# not included in the configuration file, group will not be changed from the
# value it got by default when the directory or socket was created.
#
# When configuring both the directory and group, use following format:
# DIR=/var/run/wpa_supplicant GROUP=wheel
# DIR=/var/run/wpa_supplicant GROUP=0
# (group can be either group name or gid)
#
# For UDP connections (default on Windows): The value will be ignored. This
# variable is just used to select that the control interface is to be created.
# The value can be set to, e.g., udp (ctrl_interface=udp)
#
# For Windows Named Pipe: This value can be used to set the security descriptor
# for controlling access to the control interface. Security descriptor can be
# set using Security Descriptor String Format (see http://msdn.microsoft.com/
# library/default.asp?url=/library/en-us/secauthz/security/
# security_descriptor_string_format.asp). The descriptor string needs to be
# prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would set an empty
# DACL (which will reject all connections). See README-Windows.txt for more
# information about SDDL string format.
#
ctrl_interface=/var/run/wpa_supplicant

# IEEE 802.1X/EAPOL version
# wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which defines
# EAPOL version 2. However, there are many APs that do not handle the new
# version number correctly (they seem to drop the frames completely). In order
# to make wpa_supplicant interoperate with these APs, the version number is set
# to 1 by default. This configuration value can be used to set it to the new
# version (2).
eapol_version=1

# AP scanning/selection
# By default, wpa_supplicant requests driver to perform AP scanning and then
# uses the scan results to select a suitable AP. Another alternative is to
# allow the driver to take care of AP scanning and selection and use
# wpa_supplicant just to process EAPOL frames based on IEEE 802.11 association
# information from the driver.
# 1: wpa_supplicant initiates scanning and AP selection
# 0: driver takes care of scanning, AP selection, and IEEE 802.11 association
# parameters (e.g., WPA IE generation); this mode can also be used with
# non-WPA drivers when using IEEE 802.1X mode; do not try to associate with
# APs (i.e., external program needs to control association). This mode must
# also be used when using wired Ethernet drivers.
# 2: like 0, but associate with APs using security policy and SSID (but not
# BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to
# enable operation with hidden SSIDs and optimized roaming; in this mode,
# the network blocks in the configuration file are tried one by one until
# the driver reports successful association; each network block should have
# explicit security policy (i.e., only one option in the lists) for
# key_mgmt, pairwise, group, proto variables
ap_scan=1

# EAP fast re-authentication
# By default, fast re-authentication is enabled for all EAP methods that
# support it. This variable can be used to disable fast re-authentication.
# Normally, there is no need to disable this.
fast_reauth=1

# OpenSSL Engine support
# These options can be used to load OpenSSL engines.
# The two engines that are supported currently are shown below:
# They are both from the opensc project (http://www.opensc.org/)
# By default no engines are loaded.
# make the opensc engine available
#opensc_engine_path=/usr/lib/opensc/engine_opensc.so
# make the pkcs11 engine available
#pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so
# configure the path to the pkcs11 module required by the pkcs11 engine
#pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so

# Dynamic EAP methods
# If EAP methods were built dynamically as shared object files, they need to be
# loaded here before being used in the network blocks. By default, EAP methods
# are included statically in the build, so these lines are not needed
#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_tls.so
#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_md5.so

# Driver interface parameters
# This field can be used to configure arbitrary driver interace parameters. The
# format is specific to the selected driver interface. This field is not used
# in most cases.
#driver_param="field=value"

# Maximum lifetime for PMKSA in seconds; default 43200
#dot11RSNAConfigPMKLifetime=43200
# Threshold for reauthentication (percentage of PMK lifetime); default 70
#dot11RSNAConfigPMKReauthThreshold=70
# Timeout for security association negotiation in seconds; default 60
#dot11RSNAConfigSATimeout=60

# network block
#
# Each network (usually AP's sharing the same SSID) is configured as a separate
# block in this configuration file. The network blocks are in preference order
# (the first match is used).
#
# network block fields:
#
# disabled:
# 0 = this network can be used (default)
# 1 = this network block is disabled (can be enabled through ctrl_iface,
# e.g., with wpa_cli or wpa_gui)
#
# id_str: Network identifier string for external scripts. This value is passed
# to external action script through wpa_cli as WPA_ID_STR environment
# variable to make it easier to do network specific configuration.
#
# ssid: SSID (mandatory); either as an ASCII string with double quotation or
# as hex string; network name
#
# scan_ssid:
# 0 = do not scan this SSID with specific Probe Request frames (default)
# 1 = scan with SSID-specific Probe Request frames (this can be used to
# find APs that do not accept broadcast SSID or use multiple SSIDs;
# this will add latency to scanning, so enable this only when needed)
#
# bssid: BSSID (optional); if set, this network block is used only when
# associating with the AP using the configured BSSID
#
# priority: priority group (integer)
# By default, all networks will get same priority group (0). If some of the
# networks are more desirable, this field can be used to change the order in
# which wpa_supplicant goes through the networks when selecting a BSS. The
# priority groups will be iterated in decreasing priority (i.e., the larger the
# priority value, the sooner the network is matched against the scan results).
# Within each priority group, networks will be selected based on security
# policy, signal strength, etc.
# Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode are not
# using this priority to select the order for scanning. Instead, they try the
# networks in the order that used in the configuration file.
#
# mode: IEEE 802.11 operation mode
# 0 = infrastructure (Managed) mode, i.e., associate with an AP (default)
# 1 = IBSS (ad-hoc, peer-to-peer)
# Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP)
# and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In addition, ap_scan has
# to be set to 2 for IBSS. WPA-None requires following network block options:
# proto=WPA, key_mgmt=WPA-NONE, pairwise=NONE, group=TKIP (or CCMP, but not
# both), and psk must also be set.
#
# proto: list of accepted protocols
# WPA = WPA/IEEE 802.11i/D3.0
# RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for RSN)
# If not set, this defaults to: WPA RSN
#
# key_mgmt: list of accepted authenticated key management protocols
# WPA-PSK = WPA pre-shared key (this requires 'psk' field)
# WPA-EAP = WPA using EAP authentication (this can use an external
# program, e.g., Xsupplicant, for IEEE 802.1X EAP Authentication
# IEEE8021X = IEEE 802.1X using EAP authentication and (optionally) dynamically
# generated WEP keys
# NONE = WPA is not used; plaintext or static WEP could be used
# If not set, this defaults to: WPA-PSK WPA-EAP
#
# auth_alg: list of allowed IEEE 802.11 authentication algorithms
# OPEN = Open System authentication (required for WPA/WPA2)
# SHARED = Shared Key authentication (requires static WEP keys)
# LEAP = LEAP/Network EAP (only used with LEAP)
# If not set, automatic selection is used (Open System with LEAP enabled if
# LEAP is allowed as one of the EAP methods).
#
# pairwise: list of accepted pairwise (unicast) ciphers for WPA
# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]
# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
# NONE = Use only Group Keys (deprecated, should not be included if APs support
# pairwise keys)
# If not set, this defaults to: CCMP TKIP
#
# group: list of accepted group (broadcast/multicast) ciphers for WPA
# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]
# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
# WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key
# WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE 802.11]
# If not set, this defaults to: CCMP TKIP WEP104 WEP40
#
# psk: WPA preshared key; 256-bit pre-shared key
# The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e.,
# 32 bytes or as an ASCII passphrase (in which case, the real PSK will be
# generated using the passphrase and SSID). ASCII passphrase must be between
# 8 and 63 characters (inclusive).
# This field is not needed, if WPA-EAP is used.
# Note: Separate tool, wpa_passphrase, can be used to generate 256-bit keys
# from ASCII passphrase. This process uses lot of CPU and wpa_supplicant
# startup and reconfiguration time can be optimized by generating the PSK only
# only when the passphrase or SSID has actually changed.
#
# eapol_flags: IEEE 802.1X/EAPOL options (bit field)
# Dynamic WEP key required for non-WPA mode
# bit0 (1): require dynamically generated unicast WEP key
# bit1 (2): require dynamically generated broadcast WEP key
# (3 = require both keys; default)
# Note: When using wired authentication, eapol_flags must be set to 0 for the
# authentication to be completed successfully.
#
# proactive_key_caching:
# Enable/disable opportunistic PMKSA caching for WPA2.
# 0 = disabled (default)
# 1 = enabled
#
# wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or
# hex without quotation, e.g., 0102030405)
# wep_tx_keyidx: Default WEP key index (TX) (0..3)
#
# stakey: Whether STAKey negotiation for direct links (IEEE 802.11e) is
# allowed. This is only used with RSN/WPA2.
# 0 = disabled (default)
# 1 = enabled
#stakey=1
#
# Following fields are only used with internal EAP implementation.
# eap: space-separated list of accepted EAP methods
# MD5 = EAP-MD5 (unsecure and does not generate keying material ->
# cannot be used with WPA; to be used as a Phase 2 method
# with EAP-PEAP or EAP-TTLS)
# MSCHAPV2 = EAP-MSCHAPv2 (cannot be used separately with WPA; to be used
# as a Phase 2 method with EAP-PEAP or EAP-TTLS)
# OTP = EAP-OTP (cannot be used separately with WPA; to be used
# as a Phase 2 method with EAP-PEAP or EAP-TTLS)
# GTC = EAP-GTC (cannot be used separately with WPA; to be used
# as a Phase 2 method with EAP-PEAP or EAP-TTLS)
# TLS = EAP-TLS (client and server certificate)
# PEAP = EAP-PEAP (with tunnelled EAP authentication)
# TTLS = EAP-TTLS (with tunnelled EAP or PAP/CHAP/MSCHAP/MSCHAPV2
# authentication)
# If not set, all compiled in methods are allowed.
#
# identity: Identity string for EAP
# anonymous_identity: Anonymous identity string for EAP (to be used as the
# unencrypted identity with EAP types that support different tunnelled
# identity, e.g., EAP-TTLS)
# password: Password string for EAP
# ca_cert: File path to CA certificate file (PEM/DER). This file can have one
# or more trusted CA certificates. If ca_cert and ca_path are not
# included, server certificate will not be verified. This is insecure and
# a trusted CA certificate should always be configured when using
# EAP-TLS/TTLS/PEAP. Full path should be used since working directory may
# change when wpa_supplicant is run in the background.
# On Windows, trusted CA certificates can be loaded from the system
# certificate store by setting this to cert_store://<name>, e.g.,
# ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT".
# Note that when running wpa_supplicant as an application, the user
# certificate store (My user account) is used, whereas computer store
# (Computer account) is used when running wpasvc as a service.
# ca_path: Directory path for CA certificate files (PEM). This path may
# contain multiple CA certificates in OpenSSL format. Common use for this
# is to point to system trusted CA list which is often installed into
# directory like /etc/ssl/certs. If configured, these certificates are
# added to the list of trusted CAs. ca_cert may also be included in that
# case, but it is not required.
# client_cert: File path to client certificate file (PEM/DER)
# Full path should be used since working directory may change when
# wpa_supplicant is run in the background.
# Alternatively, a named configuration blob can be used by setting this
# to blob://<blob name>.
# private_key: File path to client private key file (PEM/DER/PFX)
# When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be
# commented out. Both the private key and certificate will be read from
# the PKCS#12 file in this case. Full path should be used since working
# directory may change when wpa_supplicant is run in the background.
# Windows certificate store can be used by leaving client_cert out and
# configuring private_key in one of the following formats:
# cert://substring_to_match
# hash://certificate_thumbprint_in_hex
# for example: private_key="hash://63093aa9c47f56ae88334c7b65a4"
# Note that when running wpa_supplicant as an application, the user
# certificate store (My user account) is used, whereas computer store
# (Computer account) is used when running wpasvc as a service.
# Alternatively, a named configuration blob can be used by setting this
# to blob://<blob name>.
# private_key_passwd: Password for private key file (if left out, this will be
# asked through control interface)
# dh_file: File path to DH/DSA parameters file (in PEM format)
# This is an optional configuration file for setting parameters for an
# ephemeral DH key exchange. In most cases, the default RSA
# authentication does not use this configuration. However, it is possible
# setup RSA to use ephemeral DH key exchange. In addition, ciphers with
# DSA keys always use ephemeral DH keys. This can be used to achieve
# forward secrecy. If the file is in DSA parameters format, it will be
# automatically converted into DH params.
# subject_match: Substring to be matched against the subject of the
# authentication server certificate. If this string is set, the server
# sertificate is only accepted if it contains this string in the subject.
# The subject string is in following format:
# /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as@example.com
# altsubject_match: Substring to be matched against the alternative subject
# name of the authentication server certificate. If this string is set,
# the server sertificate is only accepted if it contains this string in
# an alternative subject name extension.
# altSubjectName string is in following format: TYPE:VALUE
# Example: DNS:server.example.com
# Following types are supported: EMAIL, DNS, URI
# phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters
# (string with field-value pairs, e.g., "peapver=0" or
# "peapver=1 peaplabel=1")
# 'peapver' can be used to force which PEAP version (0 or 1) is used.
# 'peaplabel=1' can be used to force new label, "client PEAP encryption",
# to be used during key derivation when PEAPv1 or newer. Most existing
# PEAPv1 implementation seem to be using the old label, "client EAP
# encryption", and wpa_supplicant is now using that as the default value.
# Some servers, e.g., Radiator, may require peaplabel=1 configuration to
# interoperate with PEAPv1; see eap_testing.txt for more details.
# 'peap_outer_success=0' can be used to terminate PEAP authentication on
# tunneled EAP-Success. This is required with some RADIUS servers that
# implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g.,
# Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode)
# include_tls_length=1 can be used to force wpa_supplicant to include
# TLS Message Length field in all TLS messages even if they are not
# fragmented.
# sim_min_num_chal=3 can be used to configure EAP-SIM to require three
# challenges (by default, it accepts 2 or 3)
# phase2: Phase2 (inner authentication with TLS tunnel) parameters
# (string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or
# "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS)
# Following certificate/private key fields are used in inner Phase2
# authentication when using EAP-TTLS or EAP-PEAP.
# ca_cert2: File path to CA certificate file. This file can have one or more
# trusted CA certificates. If ca_cert2 and ca_path2 are not included,
# server certificate will not be verified. This is insecure and a trusted
# CA certificate should always be configured.
# ca_path2: Directory path for CA certificate files (PEM)
# client_cert2: File path to client certificate file
# private_key2: File path to client private key file
# private_key2_passwd: Password for private key file
# dh_file2: File path to DH/DSA parameters file (in PEM format)
# subject_match2: Substring to be matched against the subject of the
# authentication server certificate.
# altsubject_match2: Substring to be matched against the alternative subject
# name of the authentication server certificate.
#
# fragment_size: Maximum EAP fragment size in bytes (default 1398).
# This value limits the fragment size for EAP methods that support
# fragmentation (e.g., EAP-TLS and EAP-PEAP). This value should be set
# small enough to make the EAP messages fit in MTU of the network
# interface used for EAPOL. The default value is suitable for most
# cases.
#
# EAP-PSK variables:
# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format
# nai: user NAI
#
# EAP-PAX variables:
# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format
#
# EAP-SAKE variables:
# eappsk: 32-byte (256-bit, 64 hex digits) pre-shared key in hex format
# (this is concatenation of Root-Secret-A and Root-Secret-B)
# nai: user NAI (PEERID)
#
# EAP-GPSK variables:
# eappsk: Pre-shared key in hex format (at least 128 bits, i.e., 32 hex digits)
# nai: user NAI (ID_Client)
#
# EAP-FAST variables:
# pac_file: File path for the PAC entries. wpa_supplicant will need to be able
# to create this file and write updates to it when PAC is being
# provisioned or refreshed. Full path to the file should be used since
# working directory may change when wpa_supplicant is run in the
# background. Alternatively, a named configuration blob can be used by
# setting this to blob://<blob name>
# phase1: fast_provisioning=1 option enables in-line provisioning of EAP-FAST
# credentials (PAC)
#
# wpa_supplicant supports number of "EAP workarounds" to work around
# interoperability issues with incorrectly behaving authentication servers.
# These are enabled by default because some of the issues are present in large
# number of authentication servers. Strict EAP conformance mode can be
# configured by disabling workarounds with eap_workaround=0.

# Example blocks:

# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers
# network={
# ssid="simple"
# psk="very secret passphrase"
# priority=5
# }

# Same as previous, but request SSID-specific scanning (for APs that reject
# broadcast SSID)
# network={
# ssid="second ssid"
# scan_ssid=1
# psk="very secret passphrase"
# priority=2
# }

# Only WPA-PSK is used. Any valid cipher combination is accepted.
# network={
# ssid="example"
# proto=WPA
# key_mgmt=WPA-PSK
# pairwise=CCMP TKIP
# group=CCMP TKIP WEP104 WEP40
# psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
# priority=2
# }

# Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104
# or WEP40 as the group cipher will not be accepted.
# network={
# ssid="example"
# proto=RSN
# key_mgmt=WPA-EAP
# pairwise=CCMP TKIP
# group=CCMP TKIP
# eap=TLS
# identity="user@example.com"
# ca_cert="/etc/cert/ca.pem"
# client_cert="/etc/cert/user.pem"
# private_key="/etc/cert/user.prv"
# private_key_passwd="password"
# priority=1
# }

# EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel
# (e.g., Radiator)
# network={
# ssid="example"
# key_mgmt=WPA-EAP
# eap=PEAP
# identity="user@example.com"
# password="foobar"
# ca_cert="/etc/cert/ca.pem"
# phase1="peaplabel=1"
# phase2="auth=MSCHAPV2"
# priority=10
# }

# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the
# unencrypted use. Real identity is sent only within an encrypted TLS tunnel.
# network={
# ssid="example"
# key_mgmt=WPA-EAP
# eap=TTLS
# identity="user@example.com"
# anonymous_identity="anonymous@example.com"
# password="foobar"
# ca_cert="/etc/cert/ca.pem"
# priority=2
# }

# EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the unencrypted
# use. Real identity is sent only within an encrypted TLS tunnel.
# network={
# ssid="example"
# key_mgmt=WPA-EAP
# eap=TTLS
# identity="user@example.com"
# anonymous_identity="anonymous@example.com"
# password="foobar"
# ca_cert="/etc/cert/ca.pem"
# phase2="auth=MSCHAPV2"
# }

# WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner
# authentication.
# network={
# ssid="example"
# key_mgmt=WPA-EAP
# eap=TTLS
# # Phase1 / outer authentication
# anonymous_identity="anonymous@example.com"
# ca_cert="/etc/cert/ca.pem"
# # Phase 2 / inner authentication
# phase2="autheap=TLS"
# ca_cert2="/etc/cert/ca2.pem"
# client_cert2="/etc/cer/user.pem"
# private_key2="/etc/cer/user.prv"
# private_key2_passwd="password"
# priority=2
# }

# Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as pairwise and
# group cipher.
# network={
# ssid="example"
# bssid=00:11:22:33:44:55
# proto=WPA RSN
# key_mgmt=WPA-PSK WPA-EAP
# pairwise=CCMP
# group=CCMP
# psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
# }

# Special characters in SSID, so use hex string. Default to WPA-PSK, WPA-EAP
# and all valid ciphers.
# network={
# ssid=00010203
# psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
# }


# EAP-SIM with a GSM SIM or USIM
# network={
# ssid="eap-sim-test"
# key_mgmt=WPA-EAP
# eap=SIM
# pin="1234"
# pcsc=""
# }


# EAP-PSK
# network={
# ssid="eap-psk-test"
# key_mgmt=WPA-EAP
# eap=PSK
# identity="eap_psk_user"
# eappsk=06b4be19da289f475aa46a33cb793029
# nai="eap_psk_user@example.com"
# }


# IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using
# EAP-TLS for authentication and key generation; require both unicast and
# broadcast WEP keys.
# network={
# ssid="1x-test"
# key_mgmt=IEEE8021X
# eap=TLS
# identity="user@example.com"
# ca_cert="/etc/cert/ca.pem"
# client_cert="/etc/cert/user.pem"
# private_key="/etc/cert/user.prv"
# private_key_passwd="password"
# eapol_flags=3
# }


# LEAP with dynamic WEP keys
# network={
# ssid="leap-example"
# key_mgmt=IEEE8021X
# eap=LEAP
# identity="user"
# password="foobar"
# }

# EAP-FAST with WPA (WPA or WPA2)
# network={
# ssid="eap-fast-test"
# key_mgmt=WPA-EAP
# eap=FAST
# anonymous_identity="FAST-000102030405"
# identity="username"
# password="password"
# phase1="fast_provisioning=1"
# pac_file="/etc/wpa_supplicant.eap-fast-pac"
# }

# network={
# ssid="eap-fast-test"
# key_mgmt=WPA-EAP
# eap=FAST
# anonymous_identity="FAST-000102030405"
# identity="username"
# password="password"
# phase1="fast_provisioning=1"
# pac_file="blob://eap-fast-pac"
# }

# Plaintext connection (no WPA, no IEEE 802.1X)
# network={
# ssid="plaintext-test"
# key_mgmt=NONE
# }


# Shared WEP key connection (no WPA, no IEEE 802.1X)
# network={
# ssid="static-wep-test"
# key_mgmt=NONE
# wep_key0="abcde"
# wep_key1=0102030405
# wep_key2="1234567890123"
# wep_tx_keyidx=0
# priority=5
# }


# Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key
# IEEE 802.11 authentication
# network={
# ssid="static-wep-test2"
# key_mgmt=NONE
# wep_key0="abcde"
# wep_key1=0102030405
# wep_key2="1234567890123"
# wep_tx_keyidx=0
# priority=5
# auth_alg=SHARED
# }


# IBSS/ad-hoc network with WPA-None/TKIP.
# network={
# ssid="test adhoc"
# mode=1
# proto=WPA
# key_mgmt=WPA-NONE
# pairwise=NONE
# group=TKIP
# psk="secret passphrase"
# }


# Catch all example that allows more or less all configuration modes
# network={
# ssid="example"
# scan_ssid=1
# key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
# pairwise=CCMP TKIP
# group=CCMP TKIP WEP104 WEP40
# psk="very secret passphrase"
# eap=TTLS PEAP TLS
# identity="user@example.com"
# password="foobar"
# ca_cert="/etc/cert/ca.pem"
# client_cert="/etc/cert/user.pem"
# private_key="/etc/cert/user.prv"
# private_key_passwd="password"
# phase1="peaplabel=0"
# }

# Example of EAP-TLS with smartcard (openssl engine)
# network={
# ssid="example"
# key_mgmt=WPA-EAP
# eap=TLS
# proto=RSN
# pairwise=CCMP TKIP
# group=CCMP TKIP
# identity="user@example.com"
# ca_cert="/etc/cert/ca.pem"
# client_cert="/etc/cert/user.pem"
#
# engine=1
#
# # The engine configured here must be available. Look at
# # OpenSSL engine support in the global section.
# # The key available through the engine must be the private key
# # matching the client certificate configured above.
#
# # use the opensc engine
# #engine_id="opensc"
# #key_id="45"
#
# # use the pkcs11 engine
# engine_id="pkcs11"
# key_id="id_45"
#
# # Optional PIN configuration; this can be left out and PIN will be
# # asked through the control interface
# pin="1234"
# }

# Example configuration showing how to use an inlined blob as a CA certificate
# data instead of using external file
# network={
# ssid="example"
# key_mgmt=WPA-EAP
# eap=TTLS
# identity="user@example.com"
# anonymous_identity="anonymous@example.com"
# password="foobar"
# ca_cert="blob://exampleblob"
# priority=20
# }

blob-base64-exampleblob={
SGVsbG8gV29ybGQhCg==
}


# Wildcard match for SSID (plaintext APs only). This example select any
# open AP regardless of its SSID.
# network={
# key_mgmt=NONE
# }

network={
psk="xxxxxxxxxxxxxxxxx"
scan_ssid=1
ssid="XXXXXXXXXXXXX"
}

Puppy 3.01 Live CD

lsmod before modprobe action
# lsmod
Module Size Used by
snd_pcm_oss 41888 0
snd_mixer_oss 16896 1 snd_pcm_oss
usblp 14080 0
wlan_scan_sta 13440 1
ath_rate_sample 13696 1
ath_pci 96800 0
wlan 206020 4 wlan_scan_sta,ath_rate_sample,ath_pci
ath_hal 191568 3 ath_rate_sample,ath_pci
8139too 25088 0
mii 5888 1 8139too
sdhci 17548 0
mmc_block 8712 0
mmc_core 27284 2 sdhci,mmc_block
yenta_socket 26892 2
rsrc_nonstatic 13312 1 yenta_socket
snd_hda_intel 289308 0
snd_pcm 75656 2 snd_pcm_oss,snd_hda_intel
snd_timer 22020 1 snd_pcm
snd_page_alloc 10120 2 snd_hda_intel,snd_pcm
snd_hwdep 9220 1 snd_hda_intel
snd 52068 6 snd_pcm_oss,snd_mixer_oss,snd_hda_intel,snd_pcm, snd_timer,snd_hwdep
soundcore 7520 1 snd
i2c_piix4 8716 0
i2c_core 22032 1 i2c_piix4
fuse 44052 0
unionfs 83732 1
nls_iso8859_1 4224 0
nls_cp437 5888 0
usbhid 24928 0
usb_storage 83264 0
ehci_hcd 31116 0
ohci_hcd 21252 0
usbcore 127128 6 usblp,usbhid,usb_storage,ehci_hcd,ohci_hcd
sr_mod 17188 0
ide_cd 39200 0
cdrom 36768 2 sr_mod,ide_cd
squashfs 47620 1

lsmod after modprobe activity

# ifconfig ath0 up
# lsmod
Module Size Used by
michael_mic 2688 0
aes 28224 0
crc32c 2176 0
libcrc32c 2816 1 crc32c
ecb 3584 0
blkcipher 6532 1 ecb
arc4 2176 0
snd_pcm_oss 41888 0
snd_mixer_oss 16896 1 snd_pcm_oss
usblp 14080 0
wlan_scan_sta 13440 1
ath_rate_sample 13696 1
ath_pci 96800 0
wlan 206020 4 wlan_scan_sta,ath_rate_sample,ath_pci
ath_hal 191568 3 ath_rate_sample,ath_pci
8139too 25088 0
mii 5888 1 8139too
sdhci 17548 0
mmc_block 8712 0
mmc_core 27284 2 sdhci,mmc_block
yenta_socket 26892 2
rsrc_nonstatic 13312 1 yenta_socket
snd_hda_intel 289308 0
snd_pcm 75656 2 snd_pcm_oss,snd_hda_intel
snd_timer 22020 1 snd_pcm
snd_page_alloc 10120 2 snd_hda_intel,snd_pcm
snd_hwdep 9220 1 snd_hda_intel
snd 52068 6 snd_pcm_oss,snd_mixer_oss,snd_hda_intel,snd_pcm, snd_timer,snd_hwdep
soundcore 7520 1 snd
i2c_piix4 8716 0
i2c_core 22032 1 i2c_piix4
fuse 44052 0
unionfs 83732 1
nls_iso8859_1 4224 0
nls_cp437 5888 0
usbhid 24928 0
usb_storage 83264 0
ehci_hcd 31116 0
ohci_hcd 21252 0
usbcore 127128 6 usblp,usbhid,usb_storage,ehci_hcd,ohci_hcd
sr_mod 17188 0
ide_cd 39200 0
cdrom 36768 2 sr_mod,ide_cd
squashfs 47620 1
# rm /var/run/wpa_supplicant/*

After rm var/run/wpa_supplicant/*

# rm /var/run/wpa_supplicant/*
# wpa_supplicant -i ath0 -D wext -c /etc/wpa_supplicant.conf -dd
Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'wext' ctrl _interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ap_scan=2
update_config=1
Line: 5 - start of a new network block
ssid - hexdump_ascii(len=8):
57 69 6e 67 59 69 6e 67 WingYing
PSK - hexdump(len=32): [REMOVED]
proto: 0x1
key_mgmt: 0x2
pairwise: 0x8
group: 0x8
Priority group 0
id=0 ssid='WingYing'
Initializing interface (2) 'ath0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
SIOCGIWRANGE: WE(compiled)=22 WE(source)=13 enc_capa=0xf
capabilities: key_mgmt 0xf enc 0xf
WEXT: Operstate: linkmode=1, operstate=5
Own MAC address: 00:19:7d:43:b6:16
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
Using existing control interface directory.
Added interface ath0
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b06 len=8
State: DISCONNECTED -> SCANNING
Trying to associate with SSID 'XXXXXXXX'
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
WPA: No WPA/RSN IE available from association info
WPA: Set cipher suites based on configuration
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2 proto 1
WPA: clearing AP WPA IE
WPA: clearing AP RSN IE
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT WPA-PSK
WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02
No keys have been configured - skip key clearing
wpa_driver_wext_set_drop_unencrypted
State: SCANNING -> ASSOCIATING
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
wpa_driver_wext_associate
Setting authentication timeout: 60 sec 0 usec
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b1a len=16
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
Wireless event: cmd=0x8b1a len=16
Authentication with 00:00:00:00:00:00 timed out.
Added BSSID 00:00:00:00:00:00 into blacklist
No keys have been configured - skip key clearing
State: ASSOCIATING -> DISCONNECTED
wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
WEXT: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
Setting scan request: 0 sec 0 usec
State: DISCONNECTED -> SCANNING
Trying to associate with SSID 'XXXXXXX'
Cancelling scan request

Etc, Etc

[tempestuous]

Good reporting. It appears that the ath_pci driver has its own encryption sub-modules, so the standard kernel encryption modules are not necessary.

driver 'wext' ctrl _interface 'N/A' bridge 'N/A'

That's useful information. I googled for that phrase, and got this -
http://madwifi.org/ticket/1030
It appears there is a problem with the way that the madwifi driver interacts with wpa_supplicant. Some users claim it is related to certain versions of the madwifi driver. This is certainly possible; Puppy 2.17 contains madwifi-0.9.3.1 and Puppy 3.00 contains madwifi 0.9.3.2.
There are several "workarounds" mentioned in that thread, and a patch for the driver which increases the "preempt_scan" period.
Let's try the most straightforward suggestions first. Assuming your wifi access point suports G mode, just before "ifconfig ath0 up" (or just after?) do this -

Code: Select all

iwpriv ath0 mode 3

This will force the adaptor into pure G mode, and stop a lot of mode-related confusion by the driver.
Now run the wpa_supplicant command.
If no success, try adding this line to /etc/wpa_supplicant.conf

Code: Select all

auth_alg=OPEN

And as a last resort; Pavel Roskin, a madwifi developer, suggests using a bogus SSID value, which will force the driver to rescan for your access point.
I consider this a rather ugly workaround.

If none of these work, I will compile the madwifi driver with the preempt_scan patch.

[tempestuous]

Here is the patched ath_pci driver package. The preempt_scan value has been increased from 100 to 1000 (1/10th second to 1 second).

EDIT Nov 16 2007: MADWiFi (ath_pci) driver moved to here -
http://www.murga-linux.com/puppy/viewto ... 643#153643

[tempestuous]

I just realised something really basic; there are instances of modules failing to load the other modules they depend on, so the solution might be as simple as pre-loading those other modules.
In the case of the ath_pci module, that means:

EDIT: extra command added to first unload ath_pci

Code: Select all

rmmod ath_pci
modprobe ath_hal
modprobe wlan
modprobe wlan_scan_ap
modprobe wlan_wep
modprobe wlan_tkip
modprobe wlan_ccmp
modprobe ath_pci

[peterw]

Tempestuous, I really appreciate your efforts. I want to try your suggestions but I am having difficulties with Puppy programmes at the moment. For some reason, whist Puppy list ath_pci as loaded when I run "lsmod" I cannot get it come up with "ifconfig ath0 up". When I run the network wizard only the ethernet card is shown and if I try to add the "ath_pci" driver it says it is already loaded? (In the past ath0 has been listed when I ran the network wizard)

Have tried earlier versions of Puppy and 3.01 retro with similar results. Have reinstalled version 3.00 and tried this and still the atheros card is not loaded and bought up. I have added your recommended code to the /etc/rc.d/rc.dlocal script the card does not come up. (Generally, if I have this script Blinky comes on when I start Puppy.)

I am not sure where to go to next but will persist.

As a thought you have come up with good changes that should be built into Puppy 3.02. Can this be done so that people like me don't have the same problems and give Puppy a bad name?
Thanks

[tempestuous]

I have a suspicion we may be dealing with multiple problems. As I look back at your earlier post I see -

With Atheros AR5005G on ACER Aspire 5051AWXMi on Puppy 3.01/3.0/2.17 can't wirelessly connect with WPA.

Does this mean 2.17 could not connect?
I suggest you go back to Puppy 2.17 and eliminate the variables one step at a time.
1. Disable all encryption at the wifi router and try to connect with Wizard set for "encryption, none". If successful, the ath_pci driver is OK.
2. Enable WPA at the router, and try to connect. If successful, the Wizard's handling of WPA is OK. If not successful, try the commands manually.

Don't return to Puppy 3 until Puppy 2.17 works. Puppy 3 has additional problems that only complicate the situation further.

As a thought you have come up with good changes that should be built into Puppy 3.02.

Well, not necessarily. My solutions are workarounds, not a true fix, and you haven't yet confirmed that my solutions work. The other Atheros wifi users who are clearly browsing this thread haven't reported results, either.

[friedsonjm]

I can help a little here; with both versions, I've been able to get unencrypted connections - the problem is, as far as I can determine, only with the WPA connection.

jf

[tempestuous]

friedsonjm, that's useful. Your problem is clearly related to how wpa_supplicant handles the ath_pci driver.
You could try pre-loading the modules I mentioned 3 posts earlier, before running the Wizard.
You could also try running the "iwpriv ath0 mode 3" command before running the Wizard.

But peterw's situation is a bit more complex. I remember now that he has an Acer laptop mentioned in this thread -
http://www.murga-linux.com/puppy/viewto ... 528#136528
Some Acer notebooks have a wifi switch which turns the wifi function off, and I think that's the problem.
And I see this -

I can't see or connect to anything with or without encryption.

Forget about WPA and wpa_supplicant, there are deeper problems here.
I think the wifi function needs to be enabled, either with the acerhk module, or boot with "irqpoll" or "pci=biosirq" options, as forum member pupshock reported.

[friedsonjm]

You could also try running the "iwpriv ath0 mode 3" command before running the Wizard.

that gets me:

ath0 no private ioctls

loading the driver manually, then using wpa_passphrase, then using the wizard and pasting the wpa_passphrase output into into the wizard gets the system trying to establish a wpa connection, but it finally gives up.


jf

[peterw]

Hi All

After a lot of tries I am coming to some sort of conclusion. I agree with tempestuous. I have two problems.
Problem 1.
The acer has gone through phases when. under Puppy, it did load the Atheros driver and allowed it to transmit and receive. The wireless button on the front may have something to do with it. In the past I have looked at the acerhk work but do not have the skill to incorporate the programme into Puppy. Have now tried tempestuous's irqpoll and pci=biosrq on a CD boot of Puppy (2.15 and 3.01 retro) and still can't get the Atheros card to run. It is loaded but I don't get the ath0 button. I have added a PCMIA ASUS card with rt2500 chipset to the acer. I can load the driver and I can get the ra0 button but could not get it to connect to an open or WPA modem/router.
I can run other Linux distros on the acer and they work fine. I am now working on the acer under PClinux.

Problem 2.
Puppy seems to have a problem with WPA. And this has confused my attempts to connect wirelessly. I have had two wireless modem/routers on the go one open and one WPA. I have used my old PM laptop with an ASUS 107 PCMIA card with rt2500 chipset. I have then run various versions of Puppy booting totally into RAM with the following results.
Puppy versions 2.13 to 2.16.1. I can connect both to the open and the WPA sources. I have to load the driver with the wizard and then use RuTuilt to finalise the connection. The wizard could not connect me. I have to scan with RuTuilt and then connect. It takes up to 3 attempts on the WPA source.
Puppy version 2.17 can' see and connect to open or WPA sources.
Puppy version 3.0 and 3.0.1retro. I can see and connect to the open source and can see the WPA source. This is not surprising because for some reason the programme tells me that the driver does not support WPA encryption.

From the above I can see that Puppy is different from some other distros is not Acer friendly and that either the Raelink rt2500 drivers have changed or the Linux/Puppy base Linux system has changed to knock out WPA encryption. I am not sure about whether the Atheros card can be made compatable with Puppy because the system is now playing up. I am sure that the Atheros card is not straight out of the box compatable with WPA.

I am now running out of Puppy options since I do not have the skills to investigate this further.

Regards.

[friedsonjm]

NOTE: I am also running my old P2120 laptop under Pclinxos, although I certainly have not given up on Puppy!

Maybe a port of the Pclinux or other wireless subsystem might be 'best?'

Easier said than done, I'm sure...

jf

[peterw]

Just a note to add to my earlier work. I know that Raelink rt2500 does not need wpa_ supplicant because the driver has WPA built in whilst the Atheros driver from Madwifi loads a driver and adds the WPA with the wpa_supplicant file. Therefore, my work on comparing the two in Puppy my not be totally fair. I also know that something has gone wrong with the Ralink drivers. Earlier this year I bought a wirless pci card (with Ralink chips) for a friends PC from the Linux Emporium and can remember that they wrote about the problem and had a temporary work around but it did not include a WPA fix.

I also don't intend to give up on Puppy. On the old RM laptop I use the older Puppy versions but do not have a Puppy way forward yet on the Acer.

[friedsonjm]

Not saying I understand all this, but found at http://alien.slackbook.org/dokuwiki/dok ... re:madwifi

WPA debugging

*
[If you run a kernel older than 2.6.14 :] Was wpa_supplicant compiled with support for madwifi?
Run the command wpa_supplicant on the commandline, and verify that the output mentions madwifi = MADWIFI 802.11 support (Atheros, etc.) under drivers:. If not, you will have to find another package which has the support for madwifi compiled in, or build a wpa_supplicant package yourself, and make sure that the build script finds the madwifi source code on your box.

*
Debug the WPA authentication process.
Make sure the network interface is down (run

/etc/rc.d/rc.inet1 ath0_stop

to make sure). Start the wpa_supplicant daemon as a foreground process with additional debugging enabled:

wpa_supplicant -dw -c/etc/wpa_supplicant.conf -Dwext -iath0

Then activate the network interface in another terminal (run

/etc/rc.d/rc.inet1 ath0_start)

Look at the output of wpa_supplicant in the first terminal, it might give you pointers to look for a solution.

*
Get a run-time status overview of the supplicant:
As root, run

wpa_cli status

to see the current status of wpa_supplicant’s authentication process.

*
Debug Slackwares network intitialization.
Change

DEBUG_ETH_UP="no"

to

DEBUG_ETH_UP="yes"

in /etc/rc.d/rc.inet1.conf and look for logger messages that are written to /var/log/messages. Maybe those messages will help you trace your problem.
NOTE: with debugging enabled, Slackware will write your WEP/WPA keys to the message log as well, in clear text!

*
The WPA association might take a long time.
Start the interface again after a little time, this may help if it takes wpa_supplicant a long time to associate (no restart, just a start):

/etc/rc.d/rc.inet1 ath0_start

If this makes your wirelesss work, but the problem occurs often, you can change the ‘wait’ time for the WPA authentication process by editing the file /etc/rc.d/rc.inet1.conf and adding the line

WLAN_WPAWAIT[?]=30

or any other larger value that helps your particular setup.
NOTE: in the last line make sure that you replace the questionmark in [?] with the array value that matches your wireless card configuration In the above example this array index would be [1].

[friedsonjm]

Don't know if this will help but:
From http://damnsmalllinux.org/wiki/index.ph ... less_Cards
I found that my G630 needs madwifi-ng
source and compiled versions at
http://madwifi.org/wiki/UserDocs/Gettin ... tSnapshots
download mirror at:
http://sourceforge.net/project/showfile ... p_id=82936
jf

[friedsonjm]

... and latest release is:
release Name: 0.9.3.3

Notes:
3b454351fd533bdf361a7fbc525a525f madwifi-0.9.3.3.tar.bz2
20349fdcaf38b8ae3296ef09146e5851 madwifi-0.9.3.3.tar.gz


Changes:
This release fixes a remote DoS security issue, as well as
compilation for kernel 2.6.23.

More detailed information about this release is available at
[1] and in the announcement made on the mailing lists (see
archives, for example [2]).

[1] http://madwifi.org/wiki/Releases/0.9.3.2
[2] http://article.gmane.org/gmane.linux.dr ... user/13222

[friedsonjm]

Spent some time tonight playing with ndiswrapper and various windoze versions of the driver; no dice, same problem with all. Am concluding that this is certainly not a driver issue, per say. Am out of things to suggest at this point.
jf

[tempestuous]

friedsonjm, I just compiled wpa_supplicant in Puppy 3.0 to see if this will fix the problem.
If WPA now works from the Wizard, that's great ... but I really need you to run the commands manually, because this way you will see any error messages.

First, I suggest you install the madwifi-0.9.3.3-patch-k2.6.21.7.pet from earlier in this thread. It's the latest version of the ath_pci driver, and the patch should not make too much difference.

Then modify /etc/wpa_supplicant.conf to include your ESSID and Personal Security Key.

Now install the new wpa_supplicant package, and run these commands -

Code: Select all

rmmod ath_pci
modprobe ath_hal
modprobe wlan
modprobe wlan_scan_ap
modprobe wlan_wep
modprobe wlan_tkip
modprobe wlan_ccmp
modprobe ath_pci
ifconfig ath0 up
rm /var/run/wpa_supplicant/*
wpa_supplicant -i ath0 -D wext -c /etc/wpa_supplicant.conf -dd

If the wpa_supplicant command runs successfully, now open a second terminal and do this -

Code: Select all

rm /etc/dhcpc/*.pid
dhcpcd -t 30 -h puppypc -d ath0

If no success, reboot and run the entire sequence again, but this time add this command after "ifconfig ath0 up" -

Code: Select all

iwpriv ath0 mode 11g

EDIT: not "iwpriv ath0 mode 3"

If this iwpriv command fails, please just run this -

Code: Select all

iwpriv

and report the list of iwpriv parameters.

[friedsonjm]

Bombing out after ifconfig ath0 up
I lost the error message, can try for it again if need be.
Using the wizard, and plugging in the passphrase results, WPA tries to work, but a connection is never established...

[tempestuous]

Bombing out after ifconfig ath0 up

That suggests that the ath_pci driver has failed to load properly, or is not compatible with your wifi device ...
which makes no sense, because you said in an earlier post that you could get unencrypted connections.
Are you sure you ran the modprobe commands correctly?

Or maybe the ndiswrapper driver is still loaded? If so, unload this from the Wizard. Preferably, uninstall the ndiswrapper driver.