dcsimg

Linux on Your WLAN: Configure WPA - Page 2

If you've got Linux clients on your WLAN, our quick guide to securing their connections with WPA is a must.

 By Carla Schroder
Page 2 of 2   |  Back to Page 1
Print Article

On Fedora and Red Hat, et al, configure your wireless card in the usual manner in /etc/sysconfig/network-scripts/ifcg-eth1, or whatever file belongs to the wireless interface, using the real interface name and MAC address:

DEVICE=eth1
BOOTPROTO=dhcp
HWADDR=11:22:33:44:55:66
ONBOOT=yes
TYPE=Ethernet

Then add these lines to the end of /etc/sysconfig/network-scripts/ifup-wireless, again using your own interface name:

wpa_supplicant -iath1 -c/etc/wpa_supplicant.conf -Bw
killall wpa_supplicant

These are simple setups that don't manage multiple locations or do any fancy hotplug management, but they work fine for single locations. We'll cover roaming, multiple profiles, and hotplug interfaces in future installments.

Rolling Out Masses of Keys
Security gurus advise changing shared keys periodically. Doing it manually is less than fun. Using cfengine is one option, though that's a big hammer to use on a little nail. Your access point might have a utility to do this, so look there first.

If you already have an authentication server, like a RADIUS server, you've already done the hard part, so we'll look at how to set up WPA Enterprise in a future howto.

Resources

  • wpa-supplicant
  • KDE users can install KWiFiManager, the excellent wireless client manager.
  • Check the docs for your particular Linux distribution; it may have a nice graphical utility to ease your wi-fi configuration.
This article was originally published on Mar 29, 2006
Get the Latest Scoop with Networking Update Newsletter