WPA2 on Linux

Thu 08 May 2008 by Thejaswi Puthraya

Setting up WPA2 on Linux

Recently, Binand pointed me to DD-WRT (free Linux-based firmware for Linksys' WRT54G series). Since I owned a router from that series, I installed it on my router. It looks really cool, especially with those awesome JavaScript effects. It also came with support for RADIUS.

For the first time, I decided to close my network to outsiders and hence used WEP authentication. During a discussion with Binand later on, he told me that WEP was almost obsolete and insecure. He asked me to go in for WPA-PSK.

Here's the step-by-step process of setting up WPA on GNU/Linux. (I am blogging about this as a personal archive, but if you find it useful do let me know :)

  • Set up your router to accept WPA:

[Image: Linksys Router Wireless Authentication Setup]

This part is the easiest. Just select a passphrase and the router is all set to use WPA.

  • Set up your laptop to communicate with the router through WPA:

    Quite an easy process. First, run the wpa_passphrase command-line utility, giving it the SSID of the router and the passphrase you set on the router.

[theju@localhost Desktop]$ /usr/sbin/wpa_passphrase linksys password
network={
     ssid="linksys"
     #psk="password"
     psk=ecc9991e3cfb1b117bdbbd00deb407f0232944b56821647e2349139d02fd2bfb
}
[theju@localhost Desktop]$

Just copy this output and paste it in your wpa_supplicant.conf (mine was located in /etc/wpa_supplicant/wpa_supplicant.conf).

  • Run your WPA Client:

    Run the client to start the authentication.

[root@localhost theju]# /usr/sbin/wpa_supplicant -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf -d

The above line specifies the interface (-i) and the path of the configuration file (-c), and directs the client to run in debug mode (-d). If all goes well, you can run the client in the background (-B).

[root@localhost theju]# /usr/sbin/wpa_supplicant -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf -B

If you want to go a step further by enabling WPA at bootup, write a script and place it in /etc/rc.d/init.d/.