Search Tillamook Rage
Google Custom Search

11.10.2007

Getting WPA-PSK Wireless Working in Xubuntu

You might be interested in this post if you are trying to get your laptop or desktop on a WPA-PSK security enabled wireless network. This should be a lot easier in Linux than it is, but we've come up with the what we hope is the easiest possible solution for you here. If you've been searching for the answer in the forums and found nothing but a headache, you've come to the right place. We're shooting to have the wireless setup in EONS be pain free, so stay tuned for our first release.

This procedure was developed using Xubuntu 7.04 (Feisty Fawn), but should work equally well with any Ubuntu derivative (6.10 Edgy or later). Also, always be careful when editing your system configuration files, or following any procedures from any site, as you can do harm to your system if a mistake is made. Always make backups of the configuration files that you change, or you might just find yourself with a broken system that's a pain to fix. Also, please be aware that in this post, you will be entering the pre-shared key for your wireless network in an unencrypted file. This could potentially reveal your password to someone who gains access to your computer.

Finding the Active Wireless Network Interface
First off, we're going to find the name of the wireless network interface. If you already know this, just skip to the next paragraph. Launch an x terminal (Applications > Accessories > Terminal). If the terminal crashes, please see our post "XFCE Terminal Crash Fix". Once you are in the terminal type sudo cat /etc/network/interfaces and hit Enter. Type your password (of course) and hit Enter again. In the output that comes up in the terminal, you will see several entries that say something like auto eth0, where eth0 is the name of the interface. The trick is that you have to check each one of these in turn until you find your wireless card (I haven't found a good way to scan the active interfaces yet without writing a program or a script). Typically, wired Ethernet connections usually have interface names starting with eth, with the first wired connection being eth0, but this doesn't have to be the case. The computer that I'm writing this post on has its wireless card showing up as eth1. WiFi connections can be listed as wifi, and I've noticed Atheros wireless chipsets show up starting at ath0. Write down all of the interface names so that you can step thorough them with the next command. Once you have the interface names, type iwconfig eth0 and hit Enter (be sure to replace eth0 with the name of the interface that you're currently checking). Do this for each of the interfaces until you get one that responds. For the interfaces that aren't active wireless connections, you will get a line of text that is something like eth0 no wireless extensions. That's a good thing though because it tells you to move on to the next interface name. Once you have found the active wireless interface, move on to the next section.

Check for wpa supplicant
We want to check to make sure that wpa supplicant is installed. This is the program that does the WPA negotiation with your wireless network. If you haven't already, open an X terminal and type sudo apt-get install wpasupplicant and hit Enter. If you get output saying that wpasupplicant is already the newest version, you're good to go. Otherwise, follow the prompts to get it installed.

Create the Configuration File
In the terminal window type sudo mousepad /etc/wpa_supplicant.conf and hit Enter. Please note here that you could replace mousepad with any editor (like vim) that you would rather use. There's a really good chance that the editor window will come up empty since this file doesn't seem to exist by default on Xubuntu 6.10 and higher. When the file opens type the following in the window:

network={
ssid="YOUR NETWORK SSID HERE"

psk="YOUR KEY HERE"

key_mgmt=WPA-PSK

proto=WPA

}


You will insert your own network ssid and psk instead of the text I have put in.
One gotcha here is that if you have specified the key to be ascii in your wireless router/access point, you have to enclose the key in quotation marks, and if you specified the key in hexadecimal, you will leave the quotation marks off. There are other settings that you can add to this file too, but I like to keep things simple, and this configuration seems to work great. Now, save the file and exit.

Make the Change Persistent
Next, type sudo mousepad /etc/network/interfaces and hit Enter. Once that window opens, find the heading for your wireless interface, and type wpa-conf /etc/wpa_supplicant.conf below it. If there is anything about WEP security below there and you're not using WEP on your wireless network, just replace it with the line above. See Figure 1 to see what my file looks like once I've made the change. Note that eth1 is the interface that my wireless card is on.

Figure 1

Once you have typed the line, save and close the file.

Restart the Network
The last thing to do is to put your changes into effect by restarting the network on your computer. In the terminal window type sudo ifdown eth1 and hit Enter, and then type sudo ifup eth1 and hit Enter, making sure to replace eth1 with the name of your interface. Your wireless network card should now be on the secured network and if you're network equipment is set up right, you should be able to surf the Web. This change will also make it so that the wireless network will automatically connect when you restart the computer too.

Enjoy!

If you have any questions or comments about this procedure, please attach them to this post. Even if its only to say that you used it and it worked fine for you, we appreciate your feedback.

13 comments:

Anonymous said...

Great article. Hit a snag in the /interfaces file. There is only the "auto lo" entry, no other. I've typed in the eth1 lines (changing it to eth0 to match my rig), go through the rest, but no connection. I can get one using WEP though. Any suggestions?

JeremyW said...

Hi katzja,

I would make sure that your wireless card supports WPA in Linux. Be aware that sometimes a card that supports WPA in Windows may not in Linux because of the way the driver module is written. For instance, I have a Netgear WG311 wireless card that uses the acx_pci module which doesn't support WPA in Linux. I would Google on your card to first see if it supports WPA, and second to see if it supports WPA in Linux. WPA supplicant has the ability to use ndiswrapper, so if the driver module that is being used currently does not work, you can try using the Windows driver. If you have questions about how to do that, let us know.

If WPA support is not the problem, then please post the model of your wireless card and check to make sure that the card is seeing your WPA encrypted network by typing

sudo iwlist eth0 scanning

in a terminal window and looking for the ESSID name of your network in the output.

I hope that helps. Please post back if you have any other questions.

Thanks,

Jeremy

Anonymous said...

Thanks for the fast reply. I am using an Orinoco gold (hermes I chipset), which does support WPA (using the wavelan driver, although one site says only WPA1 not WPA2 is supported), and the Orinoco is natively supported by Linux. Typing the sudo command you gave produce "No scan results" in WPA-PSK and WEP (when I repeated it after resetting the router to WEP). However, when I do "iwconfig eth0" I do get the card description and ESSID.

Perhaps the ndiswrapper help would be useful after all. But I am willing to try some more following the advice in your column.

JeremyW said...

Boot and I have conferred and we have serveral other questions and suggestions for you.

Boot says that sometimes the PCMCIA drivers that come with Linux are not loaded right, so you can type

sudo apt-get pcmcia-cs

to get the latest ones, and then try to use the driver that was designed specifically for your chipset. The wavelan driver should be fine if you have the chipset made by Lucent (which I think the Hermes I is), but there are other drivers for the other chipsets that are supposed to be closer matches I think. Check Orinoco's site for information on your specific chipset to be sure. Also, we are wondering what distro and version of Linux you are using, and I would like to see what the output of

sudo lspci

gives you with respect to your wireless card. Also, I have heard of strange occurences of the Gnome Network Manager causing WPA supplicant fits. I have no direct experience with that, so take it for what it's worth. You might try to update your version of that network manager (if you're running it) and maybe even try to kill the nm-applet process while you're trying to get WPA supplicant to work. If you need to see if it's running just type

sudo ps -ax | grep nm-applet

in the terminal to see if that process shows up. One other thing (although I doubt it will help) is to type

sudo ifup eth0

in the terminal and then see if it will connect. We're kind of running in the dark here since we have never worked with that Orinoco card, but those are our suggestions so far. Try those things and check the output of lspci, and let us know what you get.

Good Luck!

Anonymous said...

Thanks for the ideas. The bad news is not many of them worked this time around.

The lsmod shows the pcmcia card running orinoco_cs. The apt-get showed "E: Invalid operation pcmcia-cs".

The "sudo lspci" did not show a pcmcia line (there is a cardbus bridge: 02 Micro Onc, 0z6812 CardBus Controller (rev 05).

The grep command begets "Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html" the two lines:
4788 ? Ss 0:34 nm-applet - -sm-disable
5723 pts/0 R+ 0:00 grep nm-applet

The ifup gets me "Ignoring unknown interface eth0=eth0

The installation is literally 2 week-old version of the current xubuntu, which was updated (75 files) yesterday after the install.

With the WEP working and my SSID broadcast turned off, it may make sense to leave what is working alone for now, and just wait for improvements in the WPA handling, which is clearly an area where ubuntu and its derivatives need work. What do you think?

Boot said...

2 quick things, there was a typo, it should be sudo apt-get install pcmcia-cs, and once it's installed go to orinoco and reinstall the latest drivers to make sure they're configured right.

My only other concern is that you're using Gutsy. I've had plenty of trouble with Gutsy when I've tried using it as a test on my laptop or desktop. It's a pain, but it might be worth using a Feisty LiveCD and installing pcmcia-cs and the drivers while in the Live environment. If it works then you have your answer.

Jeremy has handled all the wireless setup and problems, and he's out on a job all day, but I'll make sure he looks over it tonight if the LiveCD doesn't fix it.

EONS Admin Team said...

Hi again katzja,

The Gnome Network Manager has been upgraded to version 0.6.5 in Gutsy and actually works pretty well for me now on my wireless laptop (even with WPA). From the output of your ps command it looks like it's already running and should show up in your system tray somewhere. If you single click on the icon it should bring up a menu that has a list of all the wireless networks that it sees. You should see your WPA enabled network even if you can't connect to it. Once the list comes up, click on your network and a connection dialog should come up asking you for the WPA key. If WPA works with network manager, then I would hazard a guess that it is what's keeping WPA supplicant from working properly. As I had stated before, I've heard that that the Gnome NM might cause problems because it's so possessive with your network configuration. I've never had that problem though. If WPA doesn't show up in the network manager, let us know and we'll dig deeper into the driver/chipset issue.

Thanks,

Jeremy

Anonymous said...

Sorry to take so long to reply. Things got busy. Basically, somewhere along the lines, Gutsy broke. It would die during login. I decided to try and install Feisty, but it is no longer available. The choices are Dapper and Gutsy. I tried Dapper, but it didn't even recognize the card.

I reinstalled Feisty. All results match what I said earlier. It turns out pcmcia-cs is superceded by pcmciautils. The card is recognized (as eth0), but only WEP comes up.

I am inclined to try the ndiswrapper approach, and if that doesn't work, just leave it at WEP encryption and await the next release. If you can send me the instructions for ndiswrapper, I would appreciate it. You can use katz2004mail-ndiswrapper at yahoo dot com to send it.

Thanks for the efforts.

Anonymous said...

I was looking around for other solutions and stumbled upon a simple one - replacing Network Manager with wicd. The instructions for Ubuntu worked with Xubuntu, and I ended up with WPA support. The discussion was at http://www.lockergnome.com/linux/2007/10/18/ubuntu-gutsy-wireless-help/
and the program itself is at https://sourceforge.net/project/showfiles.php?group_id=194573

Thanks again.

JeremyW said...

That's great that you found a solution. Sorry I wasn't more help though. I hope that everything else you do with Xubuntu goes more smoothly.

Thanks for posting the fix for the rest of us too, I appreciate that.

Anonymous said...

Great how-to, helped me a lot!

Anonymous said...

tillamookrage.blogspot.com; You saved my day again.

Anonymous said...

Your blog keeps getting better and better! Your older articles are not as good as newer ones you have a lot more creativity and originality now. Keep it up!
And according to this article, I totally agree with your opinion, but only this time! :)