Sunday, May 4, 2008

Configuring a Wi-fi/Wireless Connection card with Debian

WARNING: thanks to the new kernel 2.6.24 the driver for this wifi-card, now are directly inside the kernel. Enjoy Smile


For this Howto a wifi card with a RaLink RT2500 chipset has been used.

First give some fundamentals about wifi.

The working modes of a Wifi network are two: Ad-Hoc and Infrastructure.

The first one lets you connect two wireless clients without any intermediary, while the second one let you connect two or more devices within an actual network.

An AP (a router usually with wifi features too) allows the different wifi clients connect at the normal cable network thanks the AP.

Besides the AP can work as a bridge from two (point-to-point) or more (point to multi-point) cable networks. Finally he can have signal repetition features.
Once you have bought the device with either the features of an AP router and those of a modem let's go on with the configuration.

After the router is connected to the pc, open a browser (not IE!) and in the Web address bar type http://192.168.0.1 (if the connection fails read its manual in order to know which is the address for the router's configuration via web interface).

First configure your connection according to the data provided by your ISP (username and password) together with the transmission protocols PPPoE/PPPoA, VCI/VPI, etc. in this case you can read this page , later the router will route the pc automatically into the net so you can surf the net. At the same time enable either the DHCP Server (protocol for dynamic address configuration) so it's everything easier because the IP addresses are assigned automatically to the machines connected, and the WI-FI (givin also a WEP key of 13 o 26 digits - read below - for the wifi network encryption) for the connection of the other machines.
Now just make sure there is a PCI or USB or PCMCIA (laptops) wi-fi card inside our PC-CLIENT and whether it's correctly recognized and loaded by our system.

This is the most difficult part of the whole "travel" to have a wifi connection, but don't panic.

The best suggest I can give you is to buy the most compatible hardware you can, that with a good chipset supported by GNU/Linux.

For this the best ones are the cards with an Atheros chipset (very common) exploited by the excellent Madwifi drivers.

For laptops, Intel offers drivers for wifi-cards with a 2100/2200BG/2915ABG/3945ABG chipset: you can get info HERE and HERE or installing them with APT

$ apt-get install your_card_ipw


or the RaLink (also very common and with a good quality) RT2400/RT2500 chips which can be found HERE or with APT (see below).

Orinoco/Wavelan/Lucent/Proxim cards: they all mounted Hermes chipsets (which was into the kernel) and then Prism2 HERE.

Those with USB can use the Atmelwlan-driver driver HERE while others can have a Prism54 SoftMac HERE.

In extreme cases knowing the chipset without support you can use an excellent method with an high percentual of success which uses the Windows installation drivers: ndiswrapper.
A good guide can be found HERE .
After this long list finally let's talk about the card configuration; I wrote a lot to give lots of help for those who want to configure an AP (easy) and the wifi cards (a bit more complex once the most important thing is to know the card's chipset and load the related modules).

At this point you know what is to be installed to use your wifi card; in our case for a card with a RT2550 chipset use this command:

$ apt-get install rt2500-source wireless-tools


The first ones (rt2500) are the sources you are going to compile and install thanks to module-assistant , while the Wireless-tools are tools sponsorized by HP which allows you to configure the card through a console (there are also some GUI, but the old and reliable console can't be surpassed) with few and very easy commands.

You can also download the source at this LINK and compiled it by yourself without module-assistant (I suggest you to use the new rtx200CVS because this drive are rewritted and work better than legacy driver that you find on repository) after download and uncompressed it, let's go into the path and type

make

make install



Now that you have everything:

$ iwlist scan

so you can have a complete view of your connection peripherals (ethX) and in particular wifi ones.

lo Interface doesn't support scanning.

eth0 Interface doesn't support scanning.

eth1 Interface doesn't support scanning.

eth2 Scan completed :
Cell 01 - Address: 02:11:3B:05:78:45
Mode:Managed
ESSID:""
Encryption key:off
Channel:11
Quality:77/100 Signal level:-102 dBm Noise level:-192 dBm

sit0 Interface doesn't support scanning.

Without any doubt the eth2 interface is our wifi connection.

If you can't understand the right card neither this way use

$ lspci

on the console, which provides you a complete list.

06:00.0 Network Controller: RaLink RT2500 802.11g Cardbus/mini-PCI (rev 01)
trying to see which device is connected to (eth, wlan, etc)

After have detected the card type:

$ iwconfig eth2


with an output like this:

eth2 RT2500 Wireless ESSID:""
Mode:Managed Frequency=2.412 GHz Bit Rate:11 Mb/s Tx-Power=-1
RTS thr:off Fragment thr:off
Encryption key:off Security mode:=============
Link Quality=0/100 Signal level=-27 dBm Noise level:-200 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

You can see this is our wifi card.

Now edit /etc/network/interfaces/ to have a content like this:


# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

#auto eth0
#iface eth0 inet dhcp

auto eth2
iface eth2 inet dhcp
wireless-essid "wireless-net"
wireless-key 0f1456db9876ab15ce1222cb45

Let's explain it a bit:

> auto eth2 will load the wifi card at boot time while eth0 (ethernet card) won't because it's commented

> iface eth2 inet dhcp means we're going to use the router dhcp

> wireless-essid is the name of your wifi connection assigned during the router configuration

> wireless-key is the WEP key given to the router

NB: the WEP key is assigned by us to whatever we want, it's formed by 13-26 letters and it's a mixture of digits and letters: from 0 to 9 and from a to f


Now stop other eventual network interfaces just for security:

$ ifdown eth2

Enable your interface:

$ ifup eth2

Type

$ iwconfig eth2 enc open 0f1456db9876ab15ce1222cb45 essid wireless-net

The syntax should be clear: the WEP key (0f14...) and essid is equal to our connection's name: wireless-net or whatever you want.
Just for security type again

$ iwconfig eth2


which should output this:

RT2500 Wireless ESSID:"wireless-net"
Mode:Managed Frequency=2.462 GHz Access Point: 02:11:3B:05:78:45
Bit Rate:54 Mb/s Tx-Power=-1
RTS thr:off Fragment thr:off
Encryption key:0F14-56DB-9876-AB15-CE12-22CB-45 Security mode:open
Link Quality=74/100 Signal level=-31 dBm Noise level:-199 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

Note this time there is the connection name and the encryption key converted in hexadecimal.
Now execute:

$ dhclient eth2

Which should output this:

There is already a pid file /var/run/dhclient.pid with pid 3355
killed old client process, removed PID file
Internet Systems Consortium DHCP Client V3.0.4
Copyright 2004-2006 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/

Listening on LPF/eth2/00:11:50:65:ab:14
Sending on LPF/eth2/00:11:50:65:ab:14
Sending on Socket/fallback
DHCPREQUEST on eth2 to 255.255.255.255 port 67
DHCPACK from 192.168.0.1
bound to 192.168.0.3 -- renewal in 37334 seconds.

Note the dhcp server has assigned an IP address to the card and it launchs the PC on the net. Now you can surf from every corner of your house.
As you can note this kind of configuration uses a WEP-based Wifi encryption protocol which is a good shield for intruders and sniffers but if you want the net to be actually secure you must set an encryption WPA key.

First set the WPA key in your AP up to 63 characters (but I suggest you create it at least of 20 characters because shorter keys are vulnerable to Bruteforcing attacks).

Install WPA_Supplicant with APT

$ apt-get install wpasupplicant



Create with a text editor (nano,vim, etc) the file /etc/wpa_supplicant.conf and write down this:


network={

ssid="Nome Rete o SSDI"

psk="Chiave impostata nell'AP"

key_mgmt=WPA-PSK

proto=WPA


}

Now start wpa_supplicant:

wpa_supplicant -Dwext -iwlan0 -c /etc/wpa_supplicant.conf -dd -B

And test WPA with these commands:

$ iwconfig eth2 essid "myssid"

$ ifup eth2

$ wpa_supplicant -ieth1 -c/etc/wpa_supplicant.conf

Ping the network

$ iwconfig eth2


If you want to init everything at boot time your boot il vostro /etc/network/interfaces should look as follows:

auto eth1
iface eth1 inet dhcp
up wpa_supplicant -ieth1 -c/etc/wpa_supplicant.conf -Bw
down killall wpa_supplicant

With Gnome you can install Gnome network-interfaces and do everything with a comfortable GUI maybe following this how-to



For now it's all Cool

NB: in this tutorial the eth2 interface is just an indication, replace it with the interface more suitable to YOU and that installed in your system.

No comments: