HOWTO: NetworkManager with WPA 1&2 Support on Dapper
Further Clarification:
There's some history that's been lost since the writing of this guide. Originally, (say, back in February 2006), Dapper had NO native support for WPA + NetworkManager and had NO plans of including it before the Dapper release. Fortunately, some time later, Dapper was delayed and WPA + NetworkManager support WAS included after all. Especially now that Dapper, Ubuntu 6.06, has been released, you should ALWAYS try installing the network-manager and network-manager-gnome or knetworkmanager packages FIRST. This can be done for Ubuntu by the following code:
Code:
sudo apt-get install network-manager-gnome
or for Kubuntu with the following:
Code:
sudo apt-get install knetworkmanager
ONLY in the event that this does not work should you try the below guide, using it as a base to either get WPA + NetworkManager working or at least get your foot in the ground. This guide was originally written for getting ipw2100 and ipw2200 chipsets working, but nowadays these already work in Dapper's NetworkManager for most people! However, the guide is slowing expanding to include other drivers, including the Atheros-based chipsets' Madwifi drivers, which have made active improvement since Dapper's version of them.
Introduction
NetworkManager is a fancy-dancy service and gnome applet that allows you to browse and connect to wireless networks. NetworkManager can also switch to a wired network, if available. Unfortunately, previous versions of NetworkManager have been unable to manage or connect to WPA networks. When you are done with this guide, you will have the latest version of NetworkManager and wpa_supplicant installed from CVS and have WPA1 and WPA2 support with both TKIP and AEP options working correctly.
This guide assumes that you already have an active Internet connection during setup. This guide also installs, at best, some beta-quality software. Although I haven't experienced any problems, some may exist, and you yourself are responsible for any problems that you get into as a result of this guide. It may hose your system. Probably not, but if we could predict when our systems get hosed, then why would we ever let that happen? ;)
Potential bad news: This guide is only for Ubuntu Dapper. Breezy and below users don't have a new enough kernel.
Downloading required tools
First thing's first, you need the Universe repository enabled. If you haven't done this yet, see here:
https://wiki.ubuntu.com/MOTU/Package...iversePackages
This HOWTO also assumes that you've created a "wpa" directory in your home directory, i.e. that you type in at a console:
Let's get some nice compiling tools and headers if we don't already have them.
Open up a console and type:
Code:
sudo apt-get install build-essential cvs subversion automake1.9 gcc-3.4
Also, let's grab the linux-headers so that we can compile drivers:
Code:
sudo apt-get install linux-headers-`uname -r | cut -d'-' -f3`
The above command installs a linux-headers-X metapackage. Note: If you switch kernel platforms from, say a 386 to a 686 kernel, you WILL need to run the above command again to install the headers for that kernel.
Drivers
There are two things we're going to try here--updating to the latest drivers and then installing the latest NetworkManager plus its network-related dependencies. First, let's take care of the drivers.
ieee80211 Subsystem (for some drivers, see below)
Download the ieee80211 subsystem for the following drivers:
ipw2100
ipw2200/2915
You don't need to for the following:
madwifi, since madwifi doesn't use it
You really shouldn't install it with the following:
ipw3945, since ipw3945 breaks with it
Your mileage will probably vary with other unlisted drivers. If your own chipset's drivers are not on this list and you know enough about them, feel free to reply with the necessary info to enhance this list.
Download this file to your ~/wpa directory:
http://prdownloads.sourceforge.net/i...4.tgz?download
Start a console and enter:
Code:
cd ~/wpa tar -zxvf ieee80211-1.1.14.tgz
cd ieee80211-1.1.14
sudo sh remove-old
sudo rm -rf /lib/modules/$(uname -r)/kernel/net/ieee80211
sudo rm -rf /usr/src/linux-headers-$(uname -r)/include/net/ieee80211*
sudo rm -rf /usr/src/linux-headers-$(uname -r)/include/config/ieee80211*
make
sudo make install
If you have an IPW2100 chipset
This section is for those who want to have the latest and greatest IPW2100 drivers.
If you have an IPW2200 or IPW2915 chipset, keep scrolling down until you see the section for that.
Download this file to your ~/wpa directory:
http://prdownloads.sourceforge.net/i...1.tgz?download
Start a console and enter:
Code:
cd ~/wpa
tar -zxvf ipw2100-1.2.1.tgz
cd ipw2100-1.2.1
sudo sh remove-old
make
sudo make install
Great, if there are no errors, you've got the newest drivers installed.
If you have an IPW2200 or an IPW2915 chipset
This section is for those who want the latest and greatest IPW2200/IPW2915 drivers.
Download this file to your ~/wpa directory:
http://prdownloads.sourceforge.net/i...3.tgz?download
Code:
cd ~/wpa
tar -zxvf ipw2200-1.1.3.tgz
cd ipw2200-1.1.3
sudo sh remove-old
make
sudo make install
Great, if there are no errors, you've got the newest drivers installed.
If you have an Atheros-based chipset (Madwifi drivers)
Code:
cd ~/wpa
svn checkout http://svn.madwifi.org/trunk madwifi
cd madwifi
make
sudo make install
Your Driver HowTo Here
If installing a newer driver for your wireless chipset fixed WPA + NetworkManager when it otherwise didn't work, reply so it can be included here!
A note about updating the drivers
This is a good time to add that if you want up-to-date IPW drivers, you'll need to reinstall the latest ipw drivers whenever you update kernels, even for kernel security updates through apt-get! A new kernel means that there are new drivers that must again be replaced with the newest ones.
NetworkManager and Dependencies
The second strategy is to update to the latest NetworkManager, beginning with some of its important dependencies.
Installing latest libnl from svn
In the console:
Code:
cd ~/wpa
svn co https://svn.suug.ch/repos/tgr/libnl
cd libnl
./configure
make
sudo make install
sudo mkdir -p /usr/local/lib/pkgconfig
sudo cp libnl-1.pc /usr/local/lib/pkgconfig/
Installing lastest wpaupplicant from cvs
Next thing we've got to install is the latest wpa_supplicant from cvs. If you already have a version of wpa_supplicant installed via the package manager, uninstall it. Although wpa_supplicant used to require a patch to work with NetworkManager, the patch is now included in the latest cvs version:
Code:
cd ~/wpa
cvs -d :pserver:anonymous@hostap.epitest.fi:/cvs login
cvs -d :pserver:anonymous@hostap.epitest.fi:/cvs co hostap
cd hostap/wpa_supplicant
cp defconfig .config
sudo apt-get install cdbs debhelper dpatch libssl-dev libreadline5-dev
make
sudo make install
Careful: Did you receive this error?
Code:
for i in wpa_supplicant wpa_passphrase wpa_cli dynamic_eap_methods; do cp $i /usr/local/sbin/$i; done
cp: cannot stat `dynamic_eap_methods': No such file or directory
make: *** [install] Error 1
If so, if you want to use the CVS version for now, edit the Makefile line 12 from this:
Code:
ALL=wpa_supplicant wpa_passphrase wpa_cli dynamic_eap_methods
...to this:
Code:
ALL=wpa_supplicant wpa_passphrase wpa_cli# dynamic_eap_methods
Then run "sudo make install" again!
Installing latest NetworkManager from svn
First thing's first. Uninstall the network-manager package using apt-get or Synaptic if it's currently installed. (I've recently edited this to reflect network-manager's switch from cvs to svn. Let me know if anyone has any issues.)
Now let's download the latest NetworkManager from svn:
Code:
sudo apt-get install debhelper cdbs gnome-common intltool libgnome-keyring-dev libdbus-glib-1-dev libiw-dev libgnomeui-dev libpanel-applet2-dev libglade2-dev libgconf2-dev libhal-dev libnl-dev libnotify-dev docbook-to-man dhcdbd libnotify-dev
cd ~/wpa
svn co http://svn.gnome.org/svn/NetworkManager
cd NetworkManager/trunk
gedit configure.in
By default, the compiler is set to treat warnings as errors. Unfortunately, there will probably be warnings, or at least there have been in the past, so we want to disable this setting. Press ctrl+f and search for Werror to find the line that looks like this:
Code:
CFLAGS="-Wall -Werror -std=gnu89 $CFLAGS"
...and remove "-Werror " such that it looks like this:
Code:
CFLAGS="-Wall -std=gnu89 $CFLAGS"
Save and close.
We have to edit another file:
Code:
gedit initscript/Debian/NetworkManager
And find where it (for some reason) says:
Code:
DAEMON=/usr/sbin/$NAME
And change it to read:
Code:
DAEMON=/usr/local/sbin/$NAME
Now we have to make just one more config change to get the applet to work properly:
Code:
gedit gnome/applet/nm-applet.conf
Add this in there (just below the <policy user="root">...</policy> block is a nice place):
Code:
<policy user="YOURUSERNAME">
<allow own="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"/>
<allow send_interface="org.freedesktop.NetworkManager"/>
</policy>
(Be sure to replace YOURUSERNAME with your actual user name.)
Save and close. Now do the exact same thing to this file:
Code:
gedit src/NetworkManager.conf
Save and close.
If you don't do the above, then you'll probably get dbus security errors when you try to run nm-applet.
Now let's
Code:
./autogen.sh
make
sudo make install
Now we have to do some system-specific stuff that the svn version doesn't install by default:
Code:
sudo cp src/NetworkManager.conf /etc/dbus-1/system.d/
sudo cp gnome/applet/nm-applet.conf /etc/dbus-1/system.d/
sudo cp initscript/Debian/NetworkManager /etc/init.d/
sudo update-rc.d -f NetworkManager remove
sudo update-rc.d NetworkManager start 30 2 3 4 5 . stop 70 0 1 6 .
Hopefully that went well. Now there's a few dozen different services and drivers we could restart to get this working without rebooting, but let's just reboot instead.
Conclusion
When Ubuntu comes up, try running nm-applet from the console. You will have an icon in the notification area, and you should be able to use it to see and connect to WPA networks! If this is working properly, add it to the startup by going to the System menu on the gnome panel, Preferences, then Sessions. Go to the Startup Programs tab, and add nm-applet. Now the NetworkManager applet will start up automatically!
If it's not working properly and you want to further debug the problem, you can try this:
Code:
sudo killall NetworkManager
sudo NetworkManager --no-daemon
... as this will give you console output, for example, as to what's going on on the network side of things, since nm-applet will just return applet errors.
Phew! It's over now! Hopefully you're now enjoying your newfound WPA support and not reinstalling Ubuntu! ;)
Uninstall
Network Manager:
Code:
sudo rm /etc/dbus-1/system.d/NetworkManager.conf
sudo rm /etc/dbus-1/system.d/nm-applet.conf
sudo rm /etc/init.d/NetworkManager
sudo update-rc.d -f NetworkManager remove
cd ~/wpa/NetworkManager/trunk
sudo make uninstall
wpa_supplicant:
Code:
sudo rm /usr/local/sbin/wpa_*
libnl:
Code:
sudo rm /usr/local/lib/libnl*
sudo rm -r /usr/local/include/netlink
sudo rm /usr/local/lib/pkgconfig/libnl-1.pc
Drivers:
Reinstall your kernel image from the Ubuntu repositories.
Code:
sudo apt-get install --reinstall linux-image-`uname -r`
sudo apt-get install --reinstall linux-restricted-modules-`uname -r`
Re: HOWTO: NetworkManager with WPA 1&2 Support
Hi!
Thanks for a great howto!
However, things are not working quite yet.
I am having trouble connecting to a network with wpa2-psk/TKIP.
The router does not broadcast its ESSID.
All non-encrypted networks work like a charm
From the debugout it looks like its timing out.
Found others who where struggeling with this at the networkmanager mailing-lists,
but no solution.
Have anyone else encountred this, and do anyone know of a solution?
This is the output from networkmanager:
NetworkManager: <information> Activation (eth1) successful, device activated.
NetworkManager: <debug info> [1139929332.754570] nm_device_802_11_wireless_get_activation_ap (): Forcing AP 'LEWlan01'
NetworkManager: <information> User Switch: /org/freedesktop/NetworkManager/Devices/eth1 / LEWlan01
NetworkManager: <information> Deactivating device eth1.
CTRL-EVENT-TERMINATING - signal 15 received
NetworkManager: <information> Device eth1 activation scheduled...
NetworkManager: <information> Activation (eth1) started...
NetworkManager: <information> Activation (eth1) Stage 1 (Device Prepare) scheduled...
NetworkManager: <information> Activation (eth1) Stage 1 (Device Prepare) started...
NetworkManager: <information> Activation (eth1) Stage 2 (Device Configure) scheduled...
NetworkManager: <information> Activation (eth1) Stage 1 (Device Prepare) complete.
NetworkManager: <information> Activation (eth1) Stage 2 (Device Configure) starting...
NetworkManager: <information> Activation (eth1/wireless): access point 'LEWlan01' is unencrypted, no key needed.
NetworkManager: <information> SUP: sending command 'INTERFACE_ADD eth1 wext /var/run/wpa_supplicant '
NetworkManager: <information> SUP: response was 'OK'
NetworkManager: <information> SUP: sending command 'AP_SCAN 2'
NetworkManager: <information> SUP: response was 'OK'
NetworkManager: <information> SUP: sending command 'ADD_NETWORK'
NetworkManager: <information> SUP: response was '0'
NetworkManager: <information> SUP: sending command 'SET_NETWORK 0 ssid 4c45576c616e3031'
NetworkManager: <information> SUP: response was 'OK'
NetworkManager: <information> SUP: sending command 'SET_NETWORK 0 scan_ssid 1'
NetworkManager: <information> SUP: response was 'OK'
NetworkManager: <information> SUP: sending command 'SET_NETWORK 0 key_mgmt NONE'
NetworkManager: <information> SUP: response was 'OK'
NetworkManager: <information> SUP: sending command 'ENABLE_NETWORK 0'
NetworkManager: <information> SUP: response was 'OK'
Trying to associate with SSID 'LEWlan01'
NetworkManager: <information> Activation (eth1) Stage 2 (Device Configure) complete.
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
NetworkManager: <information> eth1: link timed out.
NetworkManager: <information> Old device 'eth1' activating, won't change.
NetworkManager: <information> Activation (eth1/wireless): association took too long (>20s), failing activation.
NetworkManager: <information> Activation (eth1) failure scheduled...
Re: HOWTO: NetworkManager with WPA 1&2 Support
About all you can do is occassionally check this file for updates:
http://cvs.gnome.org/viewcvs/Network...geLog?view=log
and update the source from CVS and reinstall if you suspect that it might be fixed.
If you're feeling brave, you can join the mailing list and report the bug too.
Re: HOWTO: NetworkManager with WPA 1&2 Support
Fantastic howto!!! I can't tell you how thrilled I am to finally see "WPA" listed as an option in Network Manager. However, I can't connect to my home WPA network! I've just got a Linksys WRT54G with regular WPA TKIP on, a Dell 700m with Intel ipw2200 and after I eneter my password for the network it sits there and tries to connect for awhile but ultimately gives up and presents me with the password dialog box once again. I followed every instruction to the letter in the How-to, and (for once) didn't experience a single problem -- everything went just as you said. I'm on Dapper nightly 20060217.2 (fresh install yesterday).
Any ideas why it can't authenticate? I did have NM and wpasupplicant installed via respositories prior to this howto, but I removed them as you instructed. I don't know if that has anything to do with it, but I though I'd mention it. Thanks for anyone's help.
Re: HOWTO: NetworkManager with WPA 1&2 Support
Uh-oh it looks like I have a bigger problem. Ever since following this how-to, I can't seem to connect to non-secure networks either. I can't figure it out. Help! (EDIT: to be more accurate, it connects to the insecure networks but I can't get an IP. Manually running dhclient doesn't work.)
Also, does anyone know where Network Manager stores its list of preferred networks?
UPDATE: when I run NetworkManager --no-daemon and look at the output, the DHCP request times out on every network. And what I think is wierd is that for every network it tries to connect to it says the frequency is 0 MHz. ?
I'd really appreciate someone's help on this. At least before I could connect to non-WPA wireless networks; now I can't connect to anything.
Re: HOWTO: NetworkManager with WPA 1&2 Support
NM stores the preferred networks using gconf.
You can browse the settings by typing in gconf-editor at a terminal. Then the networks will be stored in /system/networking/wireless/networks
I was recently at a friends place who has a Linksys WRT54G V5. I have a WRT54G V4 with the latest firmware, and everything works fine. However, with my friend's V5 and the stock firmware, I couldn't connect either manually with wpa_supplicant or using NM. I finally convinced him to upgrade his firmware to the latest version, but then I could only connect with wpa_supplicant. NM still wouldn't work.
The V5 is based on an entirely different (and actually technologically inferior) platform than the V4, so I'm not really surprised that there's a discrepancy. But it goes to show that your mileage can vary, even from AP to AP. I guess another thing that you could take from this is that if anyone is in the market for a wireless router, the Linksys WRT54G V4 (or WRT54GL--same model) seems to be a winner.
The IP issue that you're having though is strange. If you plug in a network cable, is NM capable of getting an IP then?
Re: HOWTO: NetworkManager with WPA 1&2 Support
Thanks. I can see the keys in gconf, but I can't delete them. What if I want to clear out my preferred wifi networks?
I have a Linksys WRT54G v4. And I can't connect to other wireless routers (like my secondary Netgear one or a separate Linksys one) either, so the router isn't the issue.
NM has no problem getting an IP for the wired connection. Only wireless can't auto-configure an IP.
Re: HOWTO: NetworkManager with WPA 1&2 Support
You can right-click the values in the right display and unset them. I've found in the past that if you unset all of the values in a directory, the directory will disappear the next time you run gconf-editor.
If you want to delete the keys, these are stored in the gnome keyring. You can access and delete these using gnome-keyring-manager, which if you don't have, it is downloadable in the repositories. You can run it using the same name.
Re: HOWTO: NetworkManager with WPA 1&2 Support
Well I went through the whole how-to again just to make sure I didn't miss anything, but I still can't get an IP from any wireless network now. I really don't know what to do at this point.
Re: HOWTO: NetworkManager with WPA 1&2 Support
For ipw2200-1.0.12 and kernel 2.6.15, you need a patch to get DHCP working.
The bug is mentioned under http://www.bughost.org/bugzilla/show_bug.cgi?id=919.
The patch is available there.
Direct link: http://www.bughost.org/bugzilla/attachment.cgi?id=674
Best regards,
Whoopie