wpa_supplicant

External resources

	Homepage

	Wikipedia

wpa_supplicant is a Wifi supplicant to handle authentication.

Installation

Install net-wireless/wpa_supplicant:

Configuration

OpenRC setup for wlan0

modules_wlan0="wpa_supplicant"
wpa_supplicant_wlan0="-Dwext"
config_wlan0="dhcp"

The /etc/wpa_supplicant/wpa_supplicant.conf is not currently being created on install and users need to create this file themselves.

You might also want to change the permissions to ensure that WiFi passwords can't be viewed in plaintext by anyone using the computer:

Using wpa_gui

The simplest way to configure wpa_supplicant is by using its simple (but sufficient for most uses) user interface called wpa_gui. To enable it, build wpa_supplicant with the the qt4 USE flag enabled.

To allow unprivileged users to control the connection using wpa_gui, add the following at the beginning of your /etc/wpa_supplicant/wpa_supplicant.conf:

# Allow users in the 'wheel' group to control wpa_supplicant
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel

# Allow user-made changes to be saved (e.g. add networks)
update_config=1

Editing manually

wpa_supplicant can be configured manually. This can be fine if the computer does not need to connect to many different access points.

Examples can be found in the wpa_supplicant.conf(5) man page as well as the example wpa_supplicant.conf in the documentation directory (e.g. /usr/share/doc/wpa_supplicant-1.0)

WPA2 with wpa_supplicant

Connecting to any wireless access point serving YourSSID

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
#ap_scan=0
#update_config=1

network={
        ssid="YourSSID"
        psk="your-secret-key"
        scan_ssid=1
        proto=WPA2
        key_mgmt=WPA-PSK
        group=CCMP TKIP
        pairwise=CCMP TKIP
        priority=5
}

Using bssid to specify which access point it should connect to using its MAC address, in case there are repeaters in place.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
ap_scan=1

network={
        bssid=00:50:17:31:1a:11
        ssid="YourSSID"
        psk="your-secret-key"
        scan_ssid=1
        proto=WPA2
        key_mgmt=WPA-PSK
        group=CCMP TKIP
        pairwise=CCMP TKIP
        priority=5
}

Auto-connect to any unsecured network

network={
        key_mgmt=NONE
        priority=-999
}

Troubleshooting

• Gentoo bugtracker: known bugs

Enable Logging

By default, wpa_supplicant performs very little debugging without the USE flag debug enabled.

modules_wlan0="wpa_supplicant"
wpa_supplicant_wlan0="-Dwext -d -f /var/log/wpa_supplicant.log"
config_wlan0="dhcp"

Now, within one terminal issue the command "tail -f /var/log/wpa_supplicant.log" and within another, restart the net.wlan0 device.

Can't Connect to Hidden SSID

This plagued me for several days and I recently found, by an accidental firmware settings reset on my DD-RWT Linksys router, that the settings within DD-WRT can cause havoc for some reason.

So, basically, if you cannot connect to an Access Point (AP) or wireless router using wpa_supplicant, try reseting the AP or wireless router's settings to factory defaults. I know it's a drastic solution, but it solved my issues with trying to connect with a ath9k AR9462 wireless device and WRT54G DD-WRT wireless router [Firmware: DD-WRT v24-sp2 (11/02/09) std]. Some symptoms were, SSID was not broadcasted after setting broadcast to enabled. Setting encryption mode to WPA, didn't allow selectiong both WPA Algorithms, and only selected one type. Also, selecting WPA, prevented broadcasting the SSID. Seems to be a firmware glitch and any DD-WRT bug submitter should probably submit this as a possible bug.