Wpa supplicant

wpa_supplicant is Article description::a wifi supplicant to handle network authentication.

Installation
As a precondition, wireless support might need to be activated in the kernel as described in Wifi/IEEE_802.11 as well as necessary wireless device drivers.

Emerge
After USE flags have been reviewed, install using Portage's  command:

Files
Be sure to choose the corresponding setup.

Global
For usage with a single wireless interface only one configuration file will be needed. This file does not exist by default; a template configuration file can be copied from where the value of the P variable is the name and version of the currently emerged Wpa supplicant:

Next, edit the file:

To allow unprivileged users to control the connection using wpa_gui / wpa_cli, make sure the users are in the group.

Setup for Gentoo net.* scripts
Tell the network script to use wpa_supplicant:

After configuration below it is a good idea to change the permissions to ensure that WiFi passwords can not be viewed in plaintext by anyone using the computer:

Using wpa_gui
The simplest way to use wpa_supplicant is by using its interface called. To enable it, build wpa_supplicant with the USE flag enabled.

Using wpa_cli
Wpa_supplicant also has a command-line user interface. Typing starts its interactive mode with tab-completion. Typing  at this prompt will list the commands available (click "Expand" to view the output for the  command below):

More details on how to connect can be found in the Arch Linux wiki.

Using wpa_passphrase
wpa_supplicant includes a tool to quickly write a network block from the command line for Preshared-Key (PSK aka password) networks,.

The SSID is required. If omitted, the passphrase can be entered when prompted.

The resulting output can then be copied or piped to.

Editing manually
Of course, the configuration file could also be edited manually. However this can be very laborious if the computer needs to connect to many different access points.

Examples can be found in and.

WPA2 with wpa_supplicant
Connecting to any wireless access point serving YourSSID

Using bssid to specify which access point it should connect to using its MAC address, in case there are repeaters in place. Remember to use wpa_passphrase [passphrase] to generate the psk

Troubleshooting
In case it does not work as expected try some of the following and analyze the output.

Check for known bugs

 * Upstream's mailing list archive
 * Upstream's mailing list archive

Run wpa_supplicant in debug mode
Be sure to stop any running instance of the supplicant:

Something like the following options can be used for debugging (click "Expand" to view the output below):

Enable logging
SECTION NEEDS REVIEW

By default, wpa_supplicant performs very little debugging without the  USE flag enabled.

NOTE: As of my testing on Aug 6, 2018; debug is not a valid useflag for wpa_supplicant. You could add -dd to the wpa_supplicant_args var in /etc/conf.d/wpa_supplicant to enable debugging output. Additionally the section Enable logging for Gentoo net.* scripts has a valid way to enable debug messaging

Enable logging for Gentoo net.* scripts
Now, within one terminal issue a command to monitor output and restart the  device in another:

External resources

 * HOWTO: Remote access point with wpa_supplicant (Gentoo Forums)
 * Extensible Authentication Protocol (Wikipedia)
 * Extensible Authentication Protocol (wiki.freeradius.org)
 * wpa_supplicant upstream just accepted patch to allow interface matching
 * http://www.kb.cert.org/vuls/id/CHEU-AQNN3Z