Wpa supplicant

wpa_supplicant is a Wifi supplicant to handle authentication.

Installation
As a precondition, wireless support needs to be activated in the kernel as described in Wifi/IEEE_802.11.

Emerge
After USE flags have been reviewed, install using Portage's  command:

Configuration
The necessary wireless device drivers need to be installed. For usage with a single wireless interface only one configuration file will be needed:

To allow unprivileged users to control the connection using wpa_gui / wpa_cli, make sure the users are in the  group.

Setup for dhcpcd as network manager
Emerge version >=2.6-r1 in order to get the CONFIG_MATCH_IFACE option added in April 2017,

complete its conf.d file with the new  option

and run it as a service:

Setup for Gentoo net.* scripts
Tell the network script to use wpa_supplicant:

After configuration below it is a good idea to change the permissions to ensure that WiFi passwords can not be viewed in plaintext by anyone using the computer:

Using wpa_gui
The simplest way to use wpa_supplicant is by using its interface called. To enable it, build wpa_supplicant with the or  flag enabled.

Using wpa_cli
Wpa_supplicant also has a command-line user interface. Typing starts its interactive mode with tab-completion. Typing  at this prompt will list the commands available.

More details on how to connect can be found in the Arch Linux wiki.

Using wpa_passphrase
wpa_supplicant includes a tool to quickly write a network block from the command line for Preshared-Key (PSK aka password) networks,.

The SSID is required. If omitted, the passphrase can be entered when prompted.

The resulting output can then be copied or piped to.

Editing manually
Of course, the configuration file could also be edited manually. However this can be very laborious if the computer needs to connect to many different access points.

Examples can be found in and.

WPA2 with wpa_supplicant
Connecting to any wireless access point serving YourSSID

Using bssid to specify which access point it should connect to using its MAC address, in case there are repeaters in place. Remember to use wpa_passphrase [passphrase] to generate the psk

Troubleshooting
In case it does not work as expected try some of the following and analyze the output.

Enable Logging
By default, wpa_supplicant performs very little debugging without the  flag enabled.

Now, within one terminal issue a command to monitor output and restart the net.wlan0 device in another:

External resources

 * HOWTO: Remote access point with wpa_supplicant (Gentoo Forums)
 * https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol - Extensible Authentication Protocol (Link to en.wikipedia.org)
 * http://wiki.freeradius.org/protocol/EAP - Extensible Authentication Protocol (Link to wiki.freeradius.org)
 * Forums post https://forums.gentoo.org/viewtopic-t-1036958-start-4.html - wpa_supplicant upstream just accepted patch to allow interface matching