Iwd

iwd (iNet Wireless Daemon) is an up-and-coming wireless daemon for Linux. It is written by Intel and aims to replace wpa_supplicant.

Installation

Kernel

Security Options --->
	[*] Enable access key retention support
		[*] Diffie-Hellman operations on retained keys

Cryptographic API  --->
	[*] Diffie-Hellman algorithm
	[*] DES and Triple DES EDE cipher algorithms
	[*] User-space interface for symmetric key cipher algorithms

USE flags

Some packages are aware of the iwd USE flag.

Emerge

Install the net-wireless/iwd package:

Network management

Gentoo is all about choice, so there should be various methods available for network management. But iwd is new, and not methods support iwd fully. Be sure to heed the warning in the network management article about mixing and matching the different methods for network management.

netifrc

netifrc is Gentoo's default method of managing networks, but unfortunately it does not support iwd as backend yet, see bug #690808. Make sure that any symbolic links to /etc/init.d/net.lo for the wireless interfaces are removed:

Select another, working, method for network management.

iwd native

As of version 0.19 iwd contains a DHCP client and can manage routes and DNS resolving. See here how to configure it.

Start iwd and add it to the default run level:

dhcpcd

Add both the dhcpcd and then iwd service to the default runlevel and start them up:

Use iwctl to make connections.

NetworkManager

NetworkManager supports iwd. Make sure to set the iwd USE flag:

gnome-extra/nm-applet or other NetworkManager frontends can be used as per normal to make connections.

ConnMan

ConnMan supports iwd somewhat. Make sure to set the iwd USE flag en (re-)emerge:

ConnMan still relies on wpa_supplicant for scanning, but connecting via iwd is possible.

Connecting to an access point with iwctl

iwctl is iwd's tool to control iwd. It supports both a command line interface and an interactive mode. A complete command line would be iwctl station list to see what adapters you might be able to use:

                            Devices in Station Mode
--------------------------------------------------------------------------------
  Name                State          Scanning
--------------------------------------------------------------------------------
  wlan0               disconnected

An interactive session of iwctl commands can be used to connect to a WiFi network access point. First check the status of the WiFi network interface, set it in scanning mode if needed, and then obtain the list of WiFi access points. Finally connect to the access point.

# station wlan0 show
                                 Station: wlan0
--------------------------------------------------------------------------------
  Settable  Property            Value
--------------------------------------------------------------------------------
            Scanning            no
            State               disconnected

# station wlan0 scan
# station wlan0 get-networks
                               Available networks
--------------------------------------------------------------------------------
    Network name                    Security  Signal
--------------------------------------------------------------------------------
    FRITZ!Box 7362 SL               psk       ***
    WLAN-105127                     psk       *

# station wlan0 connect "FRITZ!Box 7362 SL"
Type the network passphrase for FRITZ!Box 7362 SL psk.
Passphrase:

Configuration files

Daemon configuration

iwd keeps its main configuration file in /etc/iwd/main.conf.

iwd native network management

Native network management can be activated as follows:

[General]
enable_network_config=true
route_priority_offset=200
dns_resolve_method=resolvconf

Where:

• enable_network_config is required to activate the native network management
• route_priority_offset is optional and sets the route metric
• dns_resolve_method is optional and can be used to configure a DNS manager like 'resolvconf' from net-dns/openresolv or 'systemd'.

Disable periodic scan

To prevent iwd from continuous scanning while not connected:

[Scan]
disable_periodic_scan=true

Configuration per connection

iwd keeps its configuration file per connection in /var/lib/iwd/.

This directory contains files with names like <station>.<networktype>, where:

• station is the name of the network
• networkwork type can be
  • psk for pre-shared key, like WPA-PSK or WPA2-PSK
  • 8021x for WPA-Enterprise, like EAP-PWD or EAP-PEAP.

Security

For WPA authentication the contents of the file looks like this:

[Security]
PreSharedKey=924179acd138039828674bb2339a4a2c95cce4a41deb934d99c00380d0be8490
Passphrase=<human readable password>

The PreSharedKey is the same as one that could have been calculated with wpa_passphrase, from package net-wireless/wpa_supplicant. iwd does not provide a passphrase calculator yet.

Static network configuration

iwd defaults to DHCP, either natively or using an external DHCP-client. For static IPV4 configuration add something like this to /var/lib/iwd/station.pwk:

[IPv4]
ip=192.168.1.100
netmask=255.255.255.0
gateway=192.168.1.1
broadcast=192.168.1.255
dns=192.168.1.1

Interface management

Starting with version 0.18 iwd is actively managing network interfaces [1]. On startup it may destroy an existing network interface and create a new one. The newly created interface will be configured optimally for iwd's use. Note that currently interface renaming is not supported. This means that an interface that was detected by udev, and renamed to say 'wlp2s0' will be destroyed and a new one named for example 'wlan0' might be created. When iwd terminates it destroys the wireless interface it created.

It is possible to suppress this behaviour by passing commandline options -p (+the the name of the phy) and -i (+ the name of the interface) to the iwd daemon.

See also

• Wifi — describes the setup of a WiFi (wireless) network device.
• Wpa_supplicant — a wifi supplicant to handle network authentication.

External resources

• Iwd: simplifying WiFi management
• Arch linux iwd wiki