WPA + Linux = Not as much bother as expected

17 08 2009

So we’ve all heard about the weaknesses of WEP. If not, a quick google search should bring up thousands of sites describing WEP’s weaknesses. There are even videos on youtube describing how to compromise WEP security, many using the popular pen-testing tool Backtrack 3, or Backtrack 4 Beta.

With WPA, the problem of a static key is fixed, by WPA changing the key at a packet transmitted/received frequency. If you want to find out more, you can check this wiki article on WPA.

After messing a little with Backtrack 3, I realised how easy it was to crack WEP keys – from booting Backtrack 3 for the first time to finding my WEP key, it took about half an hour, much shorter if I hadn’t had to follow a ¬†guide.

So WPA, or WPA2 is the way forward. Here is a quick description of what I had to do to get my Arch Linux laptop and server connected to my BTHomeHub2.

NOTE: Remember that I’m using Arch Linux, an independent distribution. This means that it uses its own package management system, “pacman”, as well as handling daemons in a different folder. If you’re not using Arch, remember to swap out the distro-dependent commands for commands suited to your distro.

0. Install wireless drivers.

1. Install wpa_supplicant

For Arch Linux:

sudo pacman -Sy wpa_supplicant

After the initial install, running “wpa_supplicant” (without the quotes) will give you a list of supported drivers, including the generic wireless driver WEXT, NDISWRAPPER support and MadWifi, amongst others.

2. Configuring WPA supplicant

I like to backup the default configuration file. However, for this, we’re going to create our own configuration file, so “mv” is used, instead of “cp”. To do this, open your terminal of choice and type:

mv /etc/wpa_supplicant.conf /etc/wpa_supplicant.conf.orig

Now we create the configuration file

touch /etc/wpa_supplicant.conf

Wpa supplicant requires that your SSID and passphrase be encoded into a hexadecimal string. This might sound daunting, but it’s simple if you use a tool bundled with wpa supplicant. Again, in your terminal of choice, run:

wpa_passphrase ssid passphrase

This will output a configuration file that should work from the off with your setup. To save you from typing this out in a text editor and saving it in /etc/wpa_supplicant.conf, we can simply retype that command, but pipe the output to the configuration file.

wpa_passphrase ssid passphrase > /etc/wpa_supplicant.conf

Remember to replace “ssid” with your wireless access point’s name, eg “BTHomeHub2-GKJP”, and to replace “passphrase” with your passphrase.

If your amongst the security conscience of us, you should think about changing the permission of the configuration file, since your passphrase will be stored in plain text. To do this so that only root can read from and write to the file:

chmod 0600 /etc/wpa_supplicant.conf

There we have it, the configuration file for wpa supplicant. Now for connecting to the your access point (AP).

3. Connecting

Before discovering tools such as wicd, I had to connect using wpa supplicant from the command line. Ill detail this way instead of the wicd method, in case your having to connect wireless before you have X installed, as I had to do.

With everything in place, connecting is quite easy. For this, I’m going to use “wlan0” as my wireless device name. However, this name may be something different for you. To find out your device name, run the command “iwconfig”.

First, you must bring your wireless device up. To do this, run:

ifconfig wlan0 up

Now we need to associate with your access point. To do this, simply run:

iwconfig wlan0 essid ssidname

NOTE: Here, you need to replace ssidname with the name of your AP, but leave essid as essid.

Now to connect:

wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant.conf

Since it’s quite a long command, I’ll break it down a bit. The “-B” tell wpa supplicant to run in the background. The “-D” selects the driver to use. The “-i” tell wpa supplicant that your going to be specifying your interface. “wlan0” is the name of your interface (remember to change to your interfaces name). “-c” tells wpa supplicant that next you will be specifying the configuration file’s name.

Nearly done now. All thats left is to ask for an internal IP address. I use dynamic addresses, so to request a dynamic IP, run:

dhcpcd wlan0

And there you have it. You should now be connected to the internet.

One last note for those of us who like to automate long processes like this. You should think about using the “sleep” command between connecting and requesting an IP. I used “sleep 3”, meaning that it waits 3 seconds before requesting an IP address. Some may think this is overkill, but I like to be on the safe side. If you dont “sleep”, then you may run into problems when connecting.