Linux/WPA の履歴(No.14)

Wi-Fi Protected Access

#navi(contents-page-name): No such page: Linux

CONTENTS

はじめに
WPA Supplicant
- Install
- Driver I/F
実験

REFERENCES

はじめに†

WPA Supplicantで動くようにks2101のdriverをつくる
なんか仕様書には、以下の設定ができるように書いてあるんだけど、実験するにはどういう環境が必要なのかいまいち調べてないから、わからない。

↑

用語・略語†

WPA: Wireless Projecter Adaptorとは関係ない。
WPA: Windows Product Activation氏ね。
PSK: Pre-Shared Key
TKIP: Temporal Key Integrity Protocol
AES: Advanced Encryption Standard

↑

WPA関連MIB†

MIB	description
DOT11_RSN_ENABLED	WPA enable or disable
DOT11_RSN_CONFIG_MULTICAST_CIPHER	WEP40,TKIP,CCMP(AES),WEP104
DOT11_RSN_CONFIG_UNICAST_CIPHER	WEP40,TKIP,CCMP(AES),WEP104
DOT11_RSN_CONFIG_AUTH_SUITE	WPA(802.1x),WPA(PreSharedKey),WPA-none(11Adhoc)
DOT11_PMK_TSC
DOT11_GMK1_TSC
DOT11_GMK2_TSC

↑

AuthenticationSuite Set?†

OID_AUTH_MODE	OID_WEP_STATUS	ENABLED	UNICAST_CIPHER	MULTICAST_CIPHER	AUTH_SUITE
Open/Shared	Encyption1Enabled	WPA disable
WPAPSK	TEncyption2Enabled	WPA enable	TKIP	TKIP	WPA(PreSharedKey)
WPAPSK	TEncyption2Enabled	WPA enable	TKIP	WEP40	WPA(PreSharedKey)
WPAPSK	TEncyption3Enabled	WPA enable	CCMP(AES)	CCMP(AES)	WPA(PreSharedKey)
WPAPSK	TEncyption3Enabled	WPA enable	CCMP(AES)	TKIP	WPA(PreSharedKey)
WPAPSK	TEncyption3Enabled	WPA enable	CCMP(AES)	WEP40	WPA(PreSharedKey)
WPA	TEncyption2Enabled	WPA enable	TKIP	TKIP	WPA(802.1x)
WPA	TEncyption2Enabled	WPA enable	TKIP	WEP40	WPA(802.1x)
WPA	TEncyption3Enabled	WPA enable	CCMP(AES)	CCMP(AES)	WPA(802.1x)
WPA	TEncyption3Enabled	WPA enable	CCMP(AES)	TKIP	WPA(802.1x)
WPA	TEncyption3Enabled	WPA enable	CCMP(AES)	WEP40	WPA(802.1x)

これは、WindowsXPのNDIS5.1の場合以下の設定で対応するってことらしい。(OID_802_11_AUTHENTICATION_MODE,OID_802_11_WEP_STATUS)
wpa_supplicantはどーなのかな？
なんかこの表変???間違ってんのか?

↑

WPA Supplicant†

↑

Install†

FreeBSD ｶﾞ━━ΣΣ(ﾟДﾟ;)━━ﾝ

# portinstall security/wpa_supplicant/
[Updating the pkgdb <format:bdb1_btree> in /var/db/pkg ... - 204 packages found (-0 +0)  done]
** Port marked as IGNORE: security/wpa_supplicant:
        is not supported on FreeBSD < 6.0

Debian

# apt-get install wpasupplicant

↑

Driver I/F†

driver に対してのI/Fはどうなんでしょ？driverが実装しなきゃいけない、ioctlとかあるのかな？
wpa_supplicantにpatch当てる必要あり？

↑

実験†

↑

WPA-PSK (TKIP) on KS2910†

予定 KS2970ね

↑

WPA-PSK (AES) on KS2910†

予定

↑

WPA-PSK (TKIP) on WN-AG/CB2†

/etc/default/wpasupplicant

ENABLED=1
OPTIONS="-Dmadwifi -iath0 -c/etc/wpa_supplicant.conf -dd -w"

/etc/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
ap_scan=1
network={
   ssid="ioAirportAp13"
   psk="hidemaru4000en"
   priority=1
}

# /etc/init.d/wpasupplicant start

Starting wpasupplicant: Initializing interface 
  'ath0' conf '/etc/wpa_supplicant.conf' driver 'madwifi'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
ap_scan=1
Line: 4 - start of a new network block
ssid - hexdump_ascii(len=13):
     69 6f 41 69 72 70 6f 72 74 41 70 31 33            ioAirportAp13   
PSK (ASCII passphrase) - hexdump_ascii(len=14): [REMOVED]
priority=5 (0x5)
PSK (from passphrase) - hexdump(len=32): [REMOVED]
Priority group 5
   id=0 ssid='ioAirportAp13'
Daemonize..
done.

# iwconfig ath0

ath0      IEEE 802.11g  ESSID:"ioAirportAp13"  
          Mode:Managed  Frequency:2.472 GHz  Access Point: 00:A0:B0:6A:09:00
          Bit Rate:36 Mb/s   Tx-Power:50 dBm   Sensitivity=0/3
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:41E0-9CF8-AF33-EDF7-00DD-4CC4-3C9D-2277
          Security mode:restricted
          Power Management:off
          Link Quality=46/94  Signal level=-49 dBm  Noise level=-95 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

# dhclient ath0

Internet Software Consortium DHCP Client 2.0pl5
Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
All rights reserved.

Please contribute if you find this software useful.
For info, please visit http://www.isc.org/dhcp-contrib.html

sit0: unknown hardware address type 776
eth1: unknown hardware address type 24
sit0: unknown hardware address type 776
eth1: unknown hardware address type 24
Listening on LPF/ath0/00:a0:b0:4c:5b:b8
Sending on   LPF/ath0/00:a0:b0:4c:5b:b8
Sending on   Socket/fallback/fallback-net
DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 7
DHCPOFFER from 192.168.104.1
DHCPREQUEST on ath0 to 255.255.255.255 port 67
DHCPACK from 192.168.104.1
bound to 192.168.104.3 -- renewal in 43200 seconds.

# ifconfig ath0

ath0      Link encap:Ethernet  HWaddr 00:A0:B0:4C:5B:B8  
          inet addr:192.168.104.3  Bcast:192.168.104.255  Mask:255.255.255.0
          inet6 addr: fe80::2a0:b0ff:fe4c:5bb8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:319 errors:24 dropped:0 overruns:0 frame:24
          TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:199 
          RX bytes:98324 (96.0 KiB)  TX bytes:5139 (5.0 KiB)
          Interrupt:10 Memory:dfc3f000-dfc4f000

# ping 192.168.104.1

PING 192.168.104.1 (192.168.104.1) 56(84) bytes of data.
64 bytes from 192.168.104.1: icmp_seq=1 ttl=127 time=0.627 ms

↑

WPA-PSK (AES) on WN-AG/CB2†

/etc/wpa_supplicant.conf

network={
   ssid="tacoma"
   psk="aesaesaes"
   priority=2
}