MADWIFI-WPA_SUPPLICANT(RSN/WPA-PSK/CCMP) Guide André Pfeiler version 1.0.0, 29. May 2006 - last revised 30. May 2006 Abstract madwifi-ng and wpa_supplicant with RSN/WPA-PSK/CCMP authentification in some configurations gives an error like: State: SCANNING -> ASSOCIATING, wpa_driver_madwifi_associate, ioctl[unknown???]: Invalid argument, Association request to the driver failed. Here is a little description how it works for me with an Atheros Chipset, kernel-2.6.16.18 Debian GNU/Linux testing. Table of Contents What you need Getting this document Download, compile and install the madwifi driver Download, configure, compile and install wpa_supplicant Configure your network device Bringing up your network device Configure wpa_supplicant for RSN/WPA-PSK/CCMP Check loaded kernel modules load kernel modules in needed Starting wpa_supplicant If you have comments or error corrections, please send them to the . What you need * wireless-tools * kernel needs to be compiled with AES support. 'modprobe aes' or check in the kernel config if option CONFIG_CRYPTO_AES=m or y * [http://madwifi.org/||madwifi] * [http://hostap.epitest.fi/wpa_supplicant/||wpa_supplicant] Getting this document Download this document [./madwifi-wpa_supplicant_RSN_howto.pdf||PDF], [./madwifi-wpa_supplicant_RSN_howto.ps||PS], [./madwifi-wpa_supplicant_RSN_howto.txt||Text], [./madwifi-wpa_supplicant_RSN_howto.tex||TeX], [./madwifi-wpa_supplicant_RSN_howto.sgml||sgml] version or all as [./madwifi-wpa_supplicant_RSN_howto.tar.bz2||tar.bz2 package] including the configuration files. Download, compile and install the madwifi driver use the latest madwifi-ng subversion checkout # cd /usr/src # svn checkout http://svn.madwifi.org/trunk madwifi-ng # cd madwifi-ng # make # make install Download, configure, compile and install wpa_supplicant use the latest wpa_supplicant version # cd /usr/src # wget http://hostap.epitest.fi/wpa_supplicant/wpa_supplicant-0.4.9.tar.gz # tar xvfz wpa_supplicant-0.4.9.tar.gz # cd wpa_supplicant-0.4.9 # touch .config -----------------insert these lines into the newly created .config file ------------------- CONFIG_DRIVER_MADWIFI=y # Change include directories to match with the local setup CFLAGS += -I/usr/src/madwifi-ng CONFIG_DRIVER_WEXT=y CONFIG_IEEE8021X_EAPOL=y # EAP-MD5 (automatically included if EAP-TTLS is enabled) CONFIG_EAP_MD5=y # EAP-MSCHAPv2 (automatically included if EAP-PEAP is enabled) CONFIG_EAP_MSCHAPV2=y # EAP-TLS CONFIG_EAP_TLS=y # EAL-PEAP CONFIG_EAP_PEAP=y # EAP-TTLS CONFIG_EAP_TTLS=y # EAP-GTC CONFIG_EAP_GTC=y # EAP-OTP CONFIG_EAP_OTP=y # LEAP CONFIG_EAP_LEAP=y # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) CONFIG_PKCS12=y # Include control interface for external programs, e.g, wpa_cli CONFIG_CTRL_IFACE=y ---------------------------------------------------------------------------------------------------------------- # make # make install Configure your network device example configuration with static ip: ########################################## # AtherosG AR5212 802.11abg NIC (rev 01) # ########################################## auto ath0 iface ath0 inet static address 192.168.1.112 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 Bringing up your network device if done, bring up your network device # /etc/init.d/networking restart or # ifconfig ath up Configure wpa_supplicant for RSN/WPA-PSK/CCMP create this file # touch /etc/wpa_supplicant.conf insert the following lines ###################################### ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 # 2 works for me too ap_scan=1 fast_reauth=1 network={ ssid="hacktheplanet" # this should be your ESSID key_mgmt=WPA-PSK proto=RSN pairwise=CCMP TKIP group=CCMP TKIP scan_ssid=0 #psk="YourPassphrase" # use 'wpa_passphrase yourEssid' and enter your passphrase up to 64 chars psk=********** } ###################################### Check loaded kernel modules # lsmod Module Size Used by wlan_ccmp 6528 3 fglrx 376012 0 lp 7840 0 wlan_xauth 1536 0 wlan_tkip 10368 0 wlan_scan_sta 10496 1 ath_pci 74660 0 ath_rate_sample 9600 1 ath_pci wlan 153820 7 wlan_ccmp,wlan_xauth,wlan_tkip,wlan_scan_sta,ath_pci,ath_rate_sample ath_hal 189392 3 ath_pci,ath_rate_sample load kernel modules in needed if not all modules are loaded, especially wlan_xauth and wlan_tkip, try # modprobe wlan_xauth # modprobe wlan_tkip Starting wpa_supplicant Now you should be able to start wpa_supplicant and auth to your hotspot. # wpa_supplicant -dd -D madwifi -i ath0 -c /etc/wpa_supplicant.conf you should see something like this: State: GROUP_HANDSHAKE -> COMPLETED CTRL-EVENT-CONNECTED - Connection to 00:14:a5:8d:34:94 completed (auth) EAPOL: External notification - portValid=1 EAPOL: External notification - EAP success=1 EAPOL: SUPP_PAE entering state AUTHENTICATING EAPOL: SUPP_BE entering state SUCCESS EAP: EAP entering state DISABLED EAPOL: SUPP_PAE entering state AUTHENTICATED EAPOL: SUPP_BE entering state IDLE if everything works as expected, replace the -dd by -B to start wpa_supplicant in daemon mode.