-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Jansen wrote:
> I just switched my desktop pc (FC5) from ethernet to wireless (makes
> redecorating the house so much easier ;))
> NetworkManager and ndiswrapper work like a charm, I'm really
> impressed by the state of these utilities.
Yeah, when it works (and it has for me), NM is pretty sweet.
> Now what I was wondering to take things one step further: is it possible
> to have the wireless network (with wpa) enabled on reboot, in stead of
> booting without network, logging in, and waiting for NetworkManager to
> pop up the dialog to ask for the keyring password in order to activate
> WPA encryption ?
There are plans to have this in a future version of NM, though I don't
know how soon that might be.
One thing you can do is use pam_keyring[1] so that you don't have to
type your passphrase twice. Use the same passphrase for your
gnome-keyring as you use to login and pam_keyring will unlock it for
you when you log in to gnome.
> system-config-network can of course be used to specify that wlan0
> should be activated on boot, but it doesn't have settings for WPA Is
> this possible
With a few modifications to the networking scripts, yes. I did this
for FC4 on my laptop and FC5 on a desktop machine I built for a
friend. Since the desktop wasn't likely to move around very often I
figured that I'd rather use the older network scripts than NM.
The changes I made to /etc/sysconfig/networking-scripts/ifup-wireless
are below. I then added the variables WPA and WPADRIVER to the
ifcfg-eth1 file in /etc/sysconfig/networking-scripts/.
- --- ifup-wireless 2005-04-15 15:56:36.000000000 -0400
+++ ifup-wireless 2006-03-08 13:01:12.000000000 -0500
@@ -97,3 +103,11 @@
# use any essid
iwconfig $DEVICE essid any
fi
+
+# use wpa_supplicant for connecting to WPA enabled APs
+WPA_SUPPLICANT=/usr/sbin/wpa_supplicant
+WPA_SUPPCONFIG=/etc/wpa_supplicant/wpa_supplicant.conf
+if [ "$WPA" = "yes" -a -n "$WPADRIVER" -a -x $WPA_SUPPLICANT ]; then
+ $WPA_SUPPLICANT -Bw -c$WPA_SUPPCONFIG -i$DEVICE -D$WPADRIVER
+fi
+
I also created a wpa_supplicant.conf file using the examples from the
wpa_supplicant docs. It looked like this:
# allow frontend (e.g., wpa_cli) to be used by all users in ’wheel’ group
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
#
# home network
network={
ssid="home_net_ssid"
scan_ssid=1
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
psk="ultra-secret-passphrase"
}
> or should I use WEP-encryption instead (which s-c-network can handle
> automatically)
That depends on your security preference. WEP is fundamentally
broken[2][3].
[1] http://www.hekanetworks.com
[2] http://www.tomsnetworking.com/2005/03/31/the_feds_can_own_your_wlan_too/
[3] http://www.tomsnetworking.com/2005/05/10/how_to_crack_wep_/
- --
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
Originality is nothing but judicious plagiarism.
-- Voltaire
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
iG0EARECAC0FAkSqBtMmGGh0dHA6Ly93d3cucG9ib3guY29tL350bXovcGdwL3Rt
ei5hc2MACgkQuv+09NZUB1pX+ACeMCKqSjMnDrGDX/4FQxnx+/qlqooAoLvXKigJ
vQ7yZj1Jo9KexuIbgnpt
=tprB
-----END PGP SIGNATURE-----
