Introduction to WPA Supplicant
WPA Supplicant is a Wi-Fi
Protected Access (WPA) client and IEEE 802.1X supplicant. It
implements WPA key negotiation with a WPA Authenticator and
Extensible Authentication Protocol (EAP) authentication with an
Authentication Server. In addition, it controls the roaming and
IEEE 802.11 authentication/association of the wireless LAN driver.
This is useful for connecting to a password protected wireless
access point.
Note
Development versions of BLFS may not build or run some packages
properly if LFS or dependencies have been updated since the most
recent stable versions of the books.
Package Information
WPA Supplicant Dependencies
Required (Runtime)
Configuring the Linux
Kernel for Wireless
Recommended
desktop-file-utils-0.28 (for running
update-desktop-database) and
libnl-3.11.0
Optional
dbus-1.14.10 and libxml2-2.13.5
Installation of WPA Supplicant
First you will need to create an initial configuration file for the
build process. You can read wpa_supplicant/README
and wpa_supplicant/defconfig
for the explanation of
the following options as well as other options that can be used.
Create a build configuration file that should work for standard
WiFi setups by running the following command:
cat > wpa_supplicant/.config << "EOF"
CONFIG_BACKEND=file
CONFIG_CTRL_IFACE=y
CONFIG_DEBUG_FILE=y
CONFIG_DEBUG_SYSLOG=y
CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
CONFIG_DRIVER_NL80211=y
CONFIG_DRIVER_WEXT=y
CONFIG_DRIVER_WIRED=y
CONFIG_EAP_GTC=y
CONFIG_EAP_LEAP=y
CONFIG_EAP_MD5=y
CONFIG_EAP_MSCHAPV2=y
CONFIG_EAP_OTP=y
CONFIG_EAP_PEAP=y
CONFIG_EAP_TLS=y
CONFIG_EAP_TTLS=y
CONFIG_IEEE8021X_EAPOL=y
CONFIG_IPV6=y
CONFIG_LIBNL32=y
CONFIG_PEERKEY=y
CONFIG_PKCS12=y
CONFIG_READLINE=y
CONFIG_SMARTCARD=y
CONFIG_WPS=y
CFLAGS += -I/usr/include/libnl3
EOF
If you wish to use WPA Supplicant
with NetworkManager-1.50.0, make sure that
you have installed dbus-1.14.10 and libxml2-2.13.5, then add the following options
to the WPA Supplicant build
configuration file by running the following command:
cat >> wpa_supplicant/.config << "EOF"
CONFIG_CTRL_IFACE_DBUS=y
CONFIG_CTRL_IFACE_DBUS_NEW=y
CONFIG_CTRL_IFACE_DBUS_INTRO=y
EOF
Install WPA Supplicant by running
the following commands:
cd wpa_supplicant &&
make BINDIR=/usr/sbin LIBDIR=/usr/lib
This package does not come with a test suite.
Now, as the root
user:
install -v -m755 wpa_{cli,passphrase,supplicant} /usr/sbin/ &&
install -v -m644 doc/docbook/wpa_supplicant.conf.5 /usr/share/man/man5/ &&
install -v -m644 doc/docbook/wpa_{cli,passphrase,supplicant}.8 /usr/share/man/man8/
If you have built WPA Supplicant
with D-Bus support, you will need
to install D-Bus configuration
files. Install them by running the following commands as the
root
user:
install -v -m644 dbus/fi.w1.wpa_supplicant1.service \
/usr/share/dbus-1/system-services/ &&
install -v -d -m755 /etc/dbus-1/system.d &&
install -v -m644 dbus/dbus-wpa_supplicant.conf \
/etc/dbus-1/system.d/wpa_supplicant.conf
Note
You will need to restart the system D-Bus daemon before you can use the
WPA Supplicant D-Bus interface.
Note
This package installs desktop files into the /usr/share/applications
hierarchy and you can
improve system performance and memory usage by updating
/usr/share/applications/mimeinfo.cache
. To
perform the update you must have desktop-file-utils-0.28 installed
and issue the following command as the root
user:
update-desktop-database -q
Configuring wpa_supplicant
Important
If you are using WPA Supplicant with NetworkManager-1.50.0 (or anything
communicating with WPA Supplicant via D-Bus), this section should
be skipped. Running a D-Bus connected WPA Supplicant instance and
another WPA supplicant instance configured following this section
simultaneously can cause subtle issues.
Config File
/etc/sysconfig/wpa_supplicant-*.conf
Configuration Information
To connect to an access point that uses a password, you need to
put the pre-shared key in /etc/sysconfig/wpa_supplicant-wifi0
.conf
. SSID is
the string that the access point/router transmits to identify
itself. Run the following command as the root
user:
wpa_passphrase SSID
SECRET_PASSWORD
> /etc/sysconfig/wpa_supplicant-wifi0
.conf
/etc/sysconfig/wpa_supplicant-wifi0
.conf
can hold
the details of several access points. When wpa_supplicant is started, it
will scan for the SSIDs it can see and choose the appropriate
password to connect.
If you want to connect to an access point that isn't password
protected, put an entry like this in /etc/sysconfig/wpa_supplicant-wifi0
.conf
. Replace
"Some-SSID" with the SSID of the access point/router.
network={
ssid="Some-SSID
"
key_mgmt=NONE
}
Connecting to a new access point that is not in the configuration
file can be accomplished manually via the command line, but it
must be done via a privileged user. To do that, add the following
to the configuration file:
ctrl_interface=DIR=/run/wpa_supplicant GROUP=<privileged group>
update_config=1
Replace the <privileged group> above with a system group
where members have the ability to connect to a wireless access
point.
There are many options that you could use to tweak how you
connect to each access point. They are described in some detail
in the wpa_supplicant/wpa_supplicant.conf
file in the
source tree.
Connecting to an Access Point
If you want to
configure network interfaces at boot using wpa_supplicant, you need to
install the /lib/services/wpa
script included in blfs-bootscripts-20241209 package:
make install-service-wpa
If your router/access point uses DHCP to allocate IP addresses,
you can install dhcpcd-10.1.0 and use it to automatically
obtain network addresses. Create the /etc/sysconfig/ifconfig-wifi0
by running the
following command as the root
user:
cat > /etc/sysconfig/ifconfig.wifi0
<< "EOF"
ONBOOT="yes"
IFACE="wlan0
"
SERVICE="wpa"
# Additional arguments to wpa_supplicant
WPA_ARGS=""
WPA_SERVICE="dhcpcd"
DHCP_START="-b -q <insert appropriate start options here>
"
DHCP_STOP="-k <insert additional stop options here>
"
EOF
Alternatively, if you use static addresses on your local network,
then create the /etc/sysconfig/ifconfig-wifi0
by running the
following command as the root
user:
cat > /etc/sysconfig/ifconfig.wifi0
<< "EOF"
ONBOOT="yes"
IFACE="wlan0
"
SERVICE="wpa"
# Additional arguments to wpa_supplicant
WPA_ARGS=""
WPA_SERVICE="ipv4-static"
IP="192.168.1.1"
GATEWAY="192.168.1.2"
PREFIX="24"
BROADCAST="192.168.1.255"
EOF
You can connect to the wireless access point by running the
following command as the root
user:
ifup wifi0
Replace wlan0
with the
correct wireless interface and wifi0
with desired name for the
configuration file. Please note that wpa_supplicant-*.conf
and ifconfig.*
configuration files need to have
identical names, ie both contain wifi0
in their name.