Talk:WPA Manual Setting

From OLPC
Revision as of 06:57, 1 September 2008 by Skierpage (talk | contribs) (→‎Build650 with Wpa.sh and D-Link DIR-615: fix link to General Release Notes, turn bold text into headings)
Jump to navigation Jump to search

Build 703

The insructions don't work, and cannot currently connect using WPA.

Build 653 / WPA 1 / Works!!

Got as far as the neighbourhood, saw my network unlocked. Bravo! Clicked it - then the whole neighbourhood went blank! No connection and no neighbourhood anywhere.

Gulp!

rebooting...

And now it works. Weee! Needed two boots, but hey, so do I if it's raining. Flick 17:36, 17 June 2008 (EDT)

Build650 with Wpa.sh and D-Link DIR-615

works fine first time!

Sebastien, Midland TX


Got our olpc from G1G1 on Dec 15, build 650. The WPA instructions do not work. There is a file created on /home/olpc/.sugar/default/nm/networks.cfg. The bssids is empty. I tried wpa_ver 2 and 4. I tried putting in AP from iwconfig on this laptop for bssids (without colons to mimic key). Our WPA access point does not show up on the neighborhood. -- StuartGathman 23:25, 16 December 2007 (EST)

Please see the general release notes for build 650 for details on this bug. We have a fix now and should be able to release the patch to the general public in another week or so. -- kim

Looks like it might work!

I just received my children's OLPC yesterday (2007-12-17) and my biggest disappointment was the lack of WPA support. Anyone who is serious about wireless security (which may include the vast majority of G1G1 participants!) would not use any less than WPA2 at home.

I am using an Apple Airport Extreme router which did work for me last night without encryption at all, but that's an unacceptable option. I literally put the OLPC back in the box it came in, until a solution became available. Now I am betting on the power of Linux to come through with what looks like an extremely simple fix. Will post again with the results!

-Jeff Robelen, NY

Finally Got This to Work

I tried this (with and without the suggested emendations) several times to no avail on my Airport Express (WPA2).

Looking at the script, I finally realized that (despite the instructions I had read elsewhere), it required the ASCII version of the password (which it then converts to Hex). Works great now. --Bill Shepherd

WPA Enterprise

What about WPA Enterprise (ie. No PSK)? --Jhulten 19:10, 19 December 2007 (EST)


WPA keys must be 10 characters or less in length

I'm leaving this tag in here, but its not correct (thanks Ivan!). ref: http://dev.laptop.org/ticket/5574

My reasoning for leaving this here is that "something" is up with the driver. Reference the bug above for details, but the short form is that any of 3 OLPCs here at work can no longer connect to our WiFi corpnet, though the only thing that changed was the passphrase.

Hmmm... - Mark Pulver 22:10, 19 December 2007 (EST)


Didn't work for me either (Updated: now works)

Just got my laptop today and tried the script method against WPAv1 Router. My passphrase is 14 chars though, so I hope I didn't hit the bug above.

When I reboot OLPC, it comes back and asks for passphrase :(

[Now Works - Dec 19, 2007] Ok, it works now, I think the instructions for clicking on the neighborhood activity after reboot messed me up. It didn't connect after that, and after re-running script multiple times it inserted multiple items into config file.

I cleaned up the config file with the original info, then DID NOT go into neighborhoods and it connected fine after a bit. Please note my WPA passphrase was 14 chars.

[Update 2 - Dec 30,2007] Note that my wireless is still very intermittent. On some boots wireless works perfectly, and others the wireless light doesn't even turn on. And even some other boots it asks for a key. :( Well, at least it works some of the time. Can't wait for the next stable with official support.

-Ivan Berg -

This also worked for me. Thank you Ivan

I used the original script and instructions but left out the Neighborhood step. My first tries included clicking the AP in the Neighborhood after reboot and it went blank with no connection. After multiple attempts I came here, cleaned up the config file, and rebooted leaving it alone. After I rebooted the XO automatically connected to my wireless network. I had also turned the broadcast SSID on as a precaution so that I could see it in the Neighborhood prior to testing. Unknown if this was necessary for the actual connection.

AP: Linksys WRT54G v6

Firmware Version: 1.02.0

Security Mode: WPA2 Personal

WPA Algorithms: TKIP+AES

--Spoonyfork 01:19, 22 December 2007 (EST)

Is it the AP? (WRT54G using WPA1)

Has anyone gotten this to work with a WRT54G using WPA1 (personal with TKIP). I saw something about the mesh clashing with the Lazy-WDS that this AP has. I made the script mods since I have a space in my SSID, but have had no luck (even avoided the neighborhood page). I do notice that my mesh becomes active in both ifconfig and /var/log/messages, but see no evidence of auto connection trying to use networking.cfd data.

--Todd Spraggins 22:20, 21 December 2007 (CST)

Still not working (TRENDNet TEW-432BRP with WPA2, PSK, TKIP)

I have a TRENDNet TEW-432BRP with WPA2, PSK, TKIP. The passphrase is 8 chars. Two other laptops connect fine with Fedora 8 NetworkManager. The file "/home/olpc/.sugar/default/nm/networks.cfg" contains

[Gathman]
timestamp = 1197859792
wpa_ver = 4
key_mgmt = 2
bssids = 
key = 07xxxxxxxxxxxxxxxxxxxxxxx64charsxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
we_cipher = 0

The WAP does not show up at all, locked or unlocked, and there is no net connection.

--Stuart Gathman 21:33, 21 December 2007 (EST)

Alternate method

The generated configurations didn't work for me, and neither did the manually created variations I tried. The following method worked the first time.

/usr/sbin/wpa_passphrase "ssid" "passphrase" > /home/olpc/passkey
  1. In the Terminal activity, execute the command above, using your own ssid and passphrase.
  2. In the Browse activity, navigate to file:///home/olpc/passkey. Highlight the key, copy it to the clipboard with Ctrl-C.
  3. Press the Neighborhood button, find your wireless access point, click it once. A dialog box will pop up. Paste the key into the dialog, press OK.
  4. Experience joy
  5. This worked for on a Trendnet 423 Draft N Wireless router

Bill 22:08, 21 December 2007 (EST)

This worked for me on build 650. Looks like you need to use the hex encoded form of the WPA passphrase in the Neighborhood prompt. -- Ghopper 17:19, 25 December 2007 (EST) Update: The WPA behavior is flaky. Sometimes it will get on the WPA network, but sometimes not. Also, it is having trouble finding the other XO while using WPA (I have two). Upgraded one to build 653, and the sugar applet still requires the hex encoded passphrase. -- Ghopper 22:47, 28 December 2007 (EST) -- THANK YOU. This worked for me. I have saved this information as a Write file on my XO so I can access it again as needed. I really appreciate the help! :-)

OMG!! It worked

I am virtually computer illiterate! But I did it! I got the XO to access my WPA wireless internet. Yippee and thank you!

working wpa by following shell script instructions

I followed the steps to

1)download Wpa.sh
2)edited the line with pass to "pass" since my passphrase has lots of spaces in it (No longer necessary --DeanBrettle)
3)copied Wpa.sh from usb to home directory
--In case someone's reading this who doesn't know, the cryptic period at the end of "cp /media/USBNAME/Wpa.sh ." means current directory. Since terminal starts in the home directory, and there were no commands to go elsewhere, that's where you still are.
4)ran the script as per instructions (my wpa turned out to be 1, not 2, so I had to re-do it)
5)started back up without going to neighborhood, like the commenters above said,
and
6)I'm on!

wheeee!

My router is a Motorola SBG900. It can be very finicky, so I'm tickled pink this worked!

quixote (I'm too excited to log in properly)

What if the access point isn't broadcasting its ssid?

As far as I know everything is fine, but my access points don't broadcast their ssid's. So there is no circle to click on. How can I tell it to just start up (or better yet, show a circle to click on)?

SSID hidden vs. visible

I can't connect without setting my router SSID to visible. Once I set my WiFi router to visible, I can connect fine. But after set my router back to invisible and restart the OLPC laptop, it won't find it. Unless there is a way to do it via the command line, it doesn't appear the network tool has a way to connect to invisible/hidden SSID networks. But I may be wrong since I've only had this thing less than a day.

reboot where...

Where do I type the word, reboot so that it can reboot? at the end of the whole script line? im typing reboot and it aint doing nothing. [UPDATE] i finally got it to work reading the instructions on the wpa page how section was not updated for the ssiid whatever it was. Im now surfing nicely on one of my laptops the question though now is I cant get open any of the games on the sesame street workshop area for my kids.

firmware upgrade needed

I followed everyone's suggestions, but still couldn't connect. So I upgraded my wireless router's firmware. I have a Netgear WGR614v6 with the old Firmware Version V2.0.13_1.0.13. I upgraded to V2.0.19_1.0.19 and everything works just fine.

Failed three ways

I have 3 APs (all work fine for a variety of XP machines):

1. Linksys WRT54GX1 Ver. 1. Originally running firmware v. 1.01.14 with WPA TKIP PSK encryption. Downloaded/modified/ran the Wpa.sh shell script. The shell script appeared to perform as designed. Rebooted. Connection not established. Upgraded firmware. Rebooted XO. Still no connection.

2. Verizon (Actiontec) GT704-WG with WPA TKIP PSK encryption. This AP is almost never visible on the Neighborhood view. Re-ran Wpa.sh. Cleaned up /home/olpc/.sugar/default/nm/networks.cfg from the old settings. Rebooted. No luck there either.

3. Belkin 54G using WPA or WPA2 encryption. No dice with this AP for a total of 3 failed attempts to connect to an AP.


User:Phillip 21:25, 23 December 2007 (EST)

Update: Turned out the Belkin works fine with WPA2 encryption. Had the wrong passphrase initially.

--User:Phillip 22:10, 23 December 2007 (EST)

Couldn't get past the "wireless key required" screen

I followed the manual instructions above, generated the hex key from passphrase, pasted it in the dialog box for my network on the neighborhood view, but after a long pause the window just keeps coming back up with a blank for the key. Any thoughts? I can't get the Wpa.sh fix to work from a USB stick as the Terminal window comes up with "does not recognize command" (or something to that effect). Am timid about trying to load Build 653 - not an "advanced user" by any stretch. Thanks!

--User:d1willis 29 December 2007

Downloading

The instructions say to download the wpa.sh file from a PC other than the OLPC laptop. Is that necessary if one can obtain an internet connection from elsewhere? (Like from a neighbour, who doesn't have WPA :) ).

Also, if one does download the file, how does one then find out where it was saved? I can download it, and view it in the clipboard, but I can't find what happens to it next.

Jeremymiles 22:37, 24 December 2007 (EST)

Permission Denied I got the file, and I type ./Wpa.sh, I get the response "Permission denied".


Me too.

I found a solution - you need to chmod the file permission, type:

chmod 777 Wpa.sh

Jeremymiles 18:10, 26 December 2007 (EST)

WPA Works With Build 653

I just downloaded build 653 (650 is what normally comes installed on the G1G1 laptops) And the WPA on that works flawlessly... at least it did for me.

I'm not sure if 653 is a stable release... but then I wouldn't call not having WPA work out of the box a stable release either.

Check out Olpc-update for info on updating. I did the Activated Upgrade which wipes it clean.


I just wanted to confirm what you said the 653 works flawlessly for WPA no linux codes or anything to do just need to know your router password and it works great both my laptops are running great.

From "TotalBalance" - I'll also confirm using the Activated Upgrade (aka re-install upgraded OS - the HD is wiped clean) with Build 653 worked perfectly to connect with our home WPA Personal (WPA 1) network. Even better, we can access it using the passkey phrase vs. having to figure out the hexadecimal value. Just wish I hadn't tried most every other recommendation on this wiki first to get things working!

WPA2 Works For Me (Build 650)

This page (mostly) contains negative stuff so I'd just like to report that the instructions related to Wpa.sh worked perfectly for me the first time I tried them. I have a visible SSID with WPA2-AES as provided by a Linksys WRT54GL with f/w 4.30.7. Best wishes...good luck.

Build650 with Wpa.sh and D-Link DI-624

Hope this helps others...

For me, Build650 and the WPA.sh works with a D-Link DI-624 access point with WPA2-TKIP and WPA2-AES, but doesn't work with WPA (version 1) with TKIP or AES

With WPA1, the OLPC associates with the Access Point but Authentication fails.

Trying to connect with WPA2 or WPA and the GUI (without the WPA.sh) didn't work.

== I also have a DI-624 router and I upgraded to build 653 and was still not able to connect with WPA1. I had to use WPA2 in order for the xo to get on the network. There appears to be an incompatibility with WPA1 and the xo because my other laptop can access the DI-624 with WPA1 without any problem.

I wish I had seen this post before replacing my DI-624 :-(. I couldn't get my OLPC or another FC8 Linux laptop to connect and didn't think of trying WPA2. My new Linksys (WRT54G) works fine though.

Got a bit further with Build653, then nothing

I'm using an Apple Airport Extreme N with WPA.

With Build 650 I didn't even see my network, but saw a few WEP networks around my neighborhood. I tried the manual approach by editing /home/olpc/.sugar/default/nm/networks.cfg, but that didn't do anything.

I did an ActiveUpgrade to 653 and saw a TON more networks in neighborhood including mine. But typing in my key didn't get it to connect. It's 16 characters, so I though maybe I hit the 10 character limit. Instead of changing key and updating all the computers on my network, I decided to hand edit /home/olpc/.sugar/default/nm/networks.cfg again, since maybe the GUI was screwing up my key. Rebooted and no connection. I went back to neighborhood and this time the only networks I saw was the 3 mesh networks and one WEP network. I cleared the contents of /home/olpc/.sugar/default/nm/networks.cfg and rebooted, but still didn't see anything more in my neighborhood. I decided that maybe I screwed up somthing, so I re-ActiveUpgraded back to 653 to overwrite everything, went back to neighborhood and saw more networks, but not mine! Every time I reboot I see different amount of networks. The laptop is in the same place in the house.

I was able to successfully get it on the network by connecting to a neighbors unsecure network so I know it works.

Worked with Build650, WRT54G, WPA2

Worked on the first try with a longish passphrase. Thanks!\

Worked with Build650, WRT54G, WPA

Worked on the first try! 1 Million thanks!

Apple Airport Extreme/WPA2/Build 653: Working!

Open Network; Activated Upgrade to Build653; ASCII passphrase

Thanks to everyone for the help. After many frustrating attempts with 650, I did an "Activated Upgrade" to 653 and I am now able to boot my XO and see it automatically recognize my wireless network with WPA2 security.

I had done a manual command-line connect with WEP but wasn't feeling good about it, and NetworkManager was rewriting my resolv.conf nameservers every few minutes.

I used the Wpa.sh script without modifications. I entered my passphrase in ASCII, as recommended above. I was not able to get it working with a closed network; I had to make it visible.

--Judith Lewis 14:15, 30 December 2007 (PST)

Just to add, the Manual Script worked for me to connect my G1G1 Build 650 to an Airport Extreme firmware 5.7.

--Joe Wagner

Build 656, Linksys WRT54GL: Worked

Great job. Dkaufman1 09:35, 25 March 2008 (EDT)

WPA-PEAP

Can't get it to work at school where my connection is protected EAP with MSCHAPv2. Solutions?

WPA1 and D-Link DI-524?

There does seem to be an incompatibility between the XO's WPA1 and the D-Link DI-524 router. (And the DI-624 in WPA1 mode too, according to the above)

We've tried the script method with two different DI-524s with WPA1 enabled, and with both routers the Neighborhood icon for the router shows as unlocked. However, clicking the icon for that router's network brings up the Wireless Key Required box.

The XO has no difficulty connecting to these routers if they are set to no security, or to WEP.

The XOs that were tested originally had build 656, and they have also been tested with build 703.

The trouble is that the DI-524 does not support WPA2. Besides downgrading our security to WEP (or no security), does anyone have suggestions for a fix? Thanks.

Pearson 19:06, 25 May 2008 (EDT)

== WPA1 and NetGear RangeMax and build 703

I installed the build 703 at a coffee shop. It did not allow me to connect at home. I used the script and the Neighborhood icon shows that the router is unlocked. So far so good. However, as with the above post, the Wireless Key Required box keeps coming up even though the correct password is again typed. I have no clue what language the faulty code is written in or whether it is on the router or the XO, but my guess is that the script does successfully convince the router that an authorized user is trying to log on but that there is some flag somewhere else in the code that tells the software that authorization has been granted and the program can exit the loop that gets the password. I'd look for the problem in the code that calls for the routine that brings up the Wireless Key Required box. Because this flag stating authorization granted is never set, the program is in an endless loop and the connection process can't continue. Somebody who can read this code and knows where it is should look for a problem like this.

[User Weiser] 18:16 30 July 2008 (EDT)

WPA-PSK + AES

G1G1, build update.1 703, with a Belkin wireless G router model F5D7230 version 2000, using channel 11. Connectivity is fine using WEP, doesn't connect with this WPA2 approach. Router connects fine with other PCs and with a wireless HP AllinOne. Tried both the cutting/pasting of the key, and the script Wpa.sh methods (same key is generated each way). The XO sees the router (with no lock icon shown), but every time it tries to connect I get the standard popup window asking about entering the key; so the script approach doesn't work (if it did I think I shouldn't get the popup), and if I do paste in the key the connection fails no matter which selection I use for "Encryption type". Relevant 7 lines of the networks.cfg file (using xxx's for the name and key, and semicolons for endofline markers) is as follows: [xxxxxx]; timestamp = xxxx; we_cipher = 0; key = xxxxxxx; key_mgmt = 2; bssids = ; wpa_ver = 4; Same behavior after removal of the networks.cfg file and re-execution of the script. Any thoughts about what to try next? Thnx

WPA-PSK = No Tickie, No Washey!!!

I received an XO Laptop today. I just updated my daughters laptop to the latest version (703). I have tried all three (3) ways of getting connected and nothing seems to work. The only progress, if you can call it that, was using the wpa.sh script which did remove the lock from the Neighborhood window. I don't mind getting dirty at the CLI, so if anyone has any ideas, I'd really appreciate some advice.

Thanks! Cheers...