- stemy72 / wifi-on-ubuntu-server-20.md
- h4cks4w
- Генерация ключей
- Дополнительно
- Примеры конфигураций
- WPA2 + статический IP, скрытый ESSID:
- WPA1 + DHCP, ESSID виден всем:
- Смешанный режим (WPA1, WPA2) + DHCP, ESSID виден всем:
- LEAP, WEP, DHCP, ESSID виден всем:
- PEAP, AES, DHCP, ESSID виден всем:
- TTLS, WEP, DHCP, ESSID виден всем:
stemy72 / wifi-on-ubuntu-server-20.md
I want to run Ubuntu server 20 on my laptop. This by default does not use X windows, so there is no desktop environment. It also by default does not enable wifi. Servers don’t usually need wifi and desktop environments, right?
I’m using a Lenovo ThinkPad T510. I followed the instructions on the Ubuntu website for creating a bootable USB stick.
On the T510 I had to go into the bios and move USB up the list so it would boot from the stick.
Install desktop environment (optional — I did not do this)
There are plenty of choices, one is:
sudo apt install xubuntu-desktop Wifi Networks device not managed
This is based on a pretty poor understanding of what’s going on. Here’s what I guesstimate to be the situation.
As of Ubuntu 17, networking is managed by either of two approaches: NetworkManager or networkd .
Added to this, netplan is also used. See netplan.io
netplan reads YAML config files and generates config files for NetworkManager or networkd , depending on your preferences.
Also required, apparently, is wpasupplicant .
$ sudo nmcli radio wifi on $ sudo nmcli radio wifi enabled Check your devices are all recognised, even if they’re not currently being «managed»:
$ sudo iwconfig lo no wireless extensions. enp0s25 no wireless extensions. wlp3s0 IEEE 802.11 ESSID:"my-router-name" Mode:Managed Frequency:2.412 GHz Access Point: 71:5F:58:2F:79:97 Bit Rate=58.5 Mb/s Tx-Power=15 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:off Link Quality=50/70 Signal level=-60 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:12 Invalid misc:59 Missed beacon:0 wlp3s0 is the wifi device in my laptop. If yours doesn’t appear. good luck with that. Maybe try ifconfig up wlp3s0
Check your wifi is capable of detecting nearby routers:
$ sudo iwlist wlp3s0 scan wlp3s0 Scan completed : Cell 01 - Address: 70:4F:57:3F:78:87 Channel:1 Frequency:2.412 GHz (Channel 1) Quality=50/70 Signal level=-60 dBm Encryption key:on ESSID:"my-router-name" .
Again, if your output is different here, good luck!
My /etc/netplan/01-netcfg.yaml looks like this, note that it renders config files for NetworkManager . This should enable the network widget in the XFCE desktop. If this doesn’t work, you can try renderer: networkd . That’s fine, but the desktop widget will not work, and you’ll need to use the command line to view and connect to networks. In this case, running sudo netplan try followed by sudo netplan apply seems to reliably re-connect to known networks if connection is lost. (Connections are lost very easily, e.g. on waking from sleep.)
# This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 # renderer: networkd renderer: NetworkManager wifis: wlp3s0: dhcp4: yes access-points: "my-router-name": password: "" "some-other-router": password: "plain-text-password" "Public Hotspot With No Password": <>
Do not be distracted by /etc/network/interfaces ! Mine looks like this, note what the comments say, and note that there is nothing else in apart from the comments, i.e. it does nothing:
# ifupdown has been replaced by netplan(5) on this system. See # /etc/netplan for current configuration. # To re-enable ifupdown on this system, you can run: # sudo apt install ifupdown ifupdown is not on my system.
Running this seemed to get things working:
sudo su - netplan apply service network-manager restart This is confusing. The netplan config file renders for networkd yet restarting the network-manager seems to apply the netplan changes to NetworkManager.
At some point I think I also restarted the wpa_supplicant service:
sudo su - service wpa_supplicant restart As of now the wifi is working perfectly. I have not yet rebooted. I notice that the wifi indicator panel in XFCE still says «WiFi Networks device not managed», but I think that’s because it’s checking with NetworkManager , which is not being used.
Much random stabbing in the dark was involved, including the following, I have little idea if these were necessary but this is what Google led me to do:
rfkill unblock wifi systemctl disable systemd-networkd-wait-online.service systemctl mask systemd-networkd-wait-online.service Useful stuff for debugging:
root@at420:~# service netplan-wpa@wlp3s0 status ● netplan-wpa@wlp3s0.service - WPA supplicant for netplan wlp3s0 Loaded: loaded (/lib/systemd/system/netplan-wpa@.service; indirect; vendor preset: enabled) Active: active (running) since Sat 2018-06-30 11:41:10 BST; 32min ago Main PID: 2971 (wpa_supplicant) Tasks: 1 (limit: 4390) CGroup: /system.slice/system-netplan\x2dwpa.slice/netplan-wpa@wlp3s0.service └─2971 /sbin/wpa_supplicant -c /run/netplan/wpa-wlp3s0.conf -iwlp3s0 Jun 30 11:41:10 t420 systemd[1]: Started WPA supplicant for netplan wlp3s0. Jun 30 11:41:10 t420 wpa_supplicant[2971]: Successfully initialized wpa_supplicant Jun 30 11:41:14 t420 wpa_supplicant[2971]: wlp3s0: SME: Trying to authenticate with 71:5F:58:2F:79:97 (SSID='' freq=2412 MHz) Jun 30 11:41:14 t420 wpa_supplicant[2971]: wlp3s0: Trying to associate with 71:5F:58:2F:79:97 (SSID='' freq=2412 MHz) Jun 30 11:41:14 t420 wpa_supplicant[2971]: wlp3s0: Associated with 71:5F:58:2F:79:97 Jun 30 11:41:14 t420 wpa_supplicant[2971]: wlp3s0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0 Jun 30 11:41:14 t420 wpa_supplicant[2971]: wlp3s0: WPA: Key negotiation completed with 71:5F:58:2F:79:97 [PTK=CCMP GTK=TKIP] Jun 30 11:41:14 t420 wpa_supplicant[2971]: wlp3s0: CTRL-EVENT-CONNECTED - Connection to 71:5F:58:2F:79:97 completed [id=0 id_str=] service wpa_supplicant status ● wpa_supplicant.service - WPA supplicant Loaded: loaded (/lib/systemd/system/wpa_supplicant.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2018-06-30 11:27:51 BST; 49min ago Main PID: 1135 (wpa_supplicant) Tasks: 1 (limit: 4390) CGroup: /system.slice/wpa_supplicant.service └─1135 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant Jun 30 11:27:50 t420 systemd[1]: Starting WPA supplicant. Jun 30 11:27:51 t420 wpa_supplicant[1135]: Successfully initialized wpa_supplicant Jun 30 11:27:51 t420 systemd[1]: Started WPA supplicant. h4cks4w
В последних версиях Debian / Ubuntu произошла смена имени сетевого интерфейса, что сделало не актуальным информацию из статьи для последних версий ОС. В связи с этим при настройке сетевого интерфейса выполняем всё тоже по инструкции меняем только имя сетевого интерфейса с wlan0 на enp0s1, enp0s2, enp0s3 и т.д. в зависимости от вашей конфигурации оборудования.
Результат должен быть, примерно такой:
wlan0 IEEE 802.11bg ESSID:»h4cks4w»
Mode:Managed Frequency:2.437 GHz Access Point: СC:22:00:ВD:B1:77
Bit Rate=48 Mb/s Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Power Management:off
Link Quality=70/70 Signal level=-40 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:2025 Invalid misc:3677 Missed beacon:0
lo no wireless extensions.
eth0 no wireless extensions.
eth1 no wireless extensions.
Теперь посмотрим доступные нам сети следующей командой:
Результат должен быть, примерно такой:
wlan0 Scan completed :
Cell 01 — Address: СC:22:00:ВD:B1:77
Channel:6
Frequency:2.437 GHz (Channel 6)
Quality=70/70 Signal level=-36 dBm
Encryption key:on
ESSID:»Virus»
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
24 Mb/s; 36 Mb/s; 54 Mb/s
Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s
Mode:Master
Extra:tsf=00000025cdb82b90
Extra: Last beacon: 0ms ago
IE: Unknown: 00055669727573
IE: Unknown: 010882848B962430486C
IE: Unknown: 030106
IE: Unknown: 2A0100
IE: Unknown: 2F0100
IE: Unknown: 32040C121860
IE: Unknown: DD090010180204F02C0000
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00
Cell 02 — Address: EE:44:66:00:EE:44
Channel:4
Frequency:2.427 GHz (Channel 4)
Quality=34/70 Signal level=-76 dBm
Encryption key:on
ESSID:»Keenetic-3563″
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 9 Mb/s
18 Mb/s; 36 Mb/s; 54 Mb/s
Bit Rates:6 Mb/s; 12 Mb/s; 24 Mb/s; 48 Mb/s
Mode:Master
Extra:tsf=000000f9e4bac140
Extra: Last beacon: 2188ms ago
IE: Unknown: 000D4B65656E657469632D33353633
IE: Unknown: 010882848B961224486C
IE: Unknown: 030104
IE: Unknown: 32040C183060
IE: Unknown: 0706525520010D14
IE: Unknown: 33082001020304050607
IE: Unknown: 33082105060708090A0B
IE: Unknown: 050400010000
IE: Unknown: DD270050F204104A000110104400010210470010BC329E001DD811B28601EC43F602ED14103C000101
IE: Unknown: 2A0104
IE: Unknown: 2D1AEE1117FFFF0000010000000000000000000000000C0000000000
IE: Unknown: 3D1604050700000000000000000000000000000000000000
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00
IE: Unknown: 0B0505001E127A
IE: Unknown: DD07000C4304000000
Откроем файл interfaces в редакторе nano (или VI кому что ближе).
Удаляем (или комментируем) все упоминания нашего беспроводного интерфейса и добавляем свои:
# The Wi-Fi network interface iface wlan0 inet dhcp wpa-driver wext wpa-ssid MoyaSetka wpa-ap-scan 1 wpa-proto WPA wpa-pairwise TKIP wpa-group TKIP wpa-key-mgmt WPA-PSK wpa-psk 7eae7e25e24909ee5b5c1db321905dee0b [ВАЖНО-см.Генерация ключей] auto wlan0
| Параметр | Описание |
|---|---|
| iface wlan0 inet dhcp | конфигурация для DHCP (для статического IP см. пример ниже)«iface wlan0» — Имя нашего интерфейса (wlan0, eth1, rausb0, ra0, итд.) |
| wpa-driver | Это wpa-driver для нашей карты(‘wext’ — общий драйвер для linux, работающий с «ndiswrapper»). Рекомендуется оставить как есть.Другие варианты:hostap = Host AP driver (Intersil Prism2/2.5/3)atmel = ATMEL AT76C5XXx (USB, PCMCIA)wext = Linux wireless extensions (generic)madwifi = Atheroswired = wpa_supplicant wired Ethernet driver |
| wpa-ssid | Имя нашей точкидоступа (ESSID). Без кавычек. |
| wpa-ap-scan | Параметр вещания точкой доступа ее имени.«1» = ESSID вещается всем.«2» = ESSID скрыт. |
| wpa-proto | Протокол«RSN» = WPA(2)«WPA» = WPA(1) |
| wpa-pairwise & wpa-group | «CCMP» = AES-шифрователь (как часть стандарта WPA(2))«TKIP» = TKIP-шифрователь (как часть стандарта WPA(1)) |
| wpa-key-mgmt | «WPA-PSK» = Аутентификация через ключевую фразу (см. ‘Cоздание ключей’)«WPA-EAP» = Аутентификация при помощи сервера аутентификаций. |
| auto wlan0 | Автоматическое включение wlan0 при загрузке/перезагрузке сети. |
Генерация ключей
Теперь нам нужно сконвертировать нашу ключевую фразу (связку ESSID и WPA ASCII) в в hex-ключ.
Результат будет примерно таким:
Наш hex-ключ, это все символы после «psk text-align: justify;»> Копируем его в буфер обмена и вставляем в файл /etc/network/interfaces в поле wpa-psk.
Теперь можно сохранить файл и перезагрузить сеть:
$ sudo /etc/init.d/networking restart
Должно установиться соединение. Если соединение не установилось — перезагружаем сервер.
Дополнительно
Отключаем чтение файла /etc/network/interfaces для others, во избежание попадания пароля от сети к третьим лицам.
$ sudo chmod o=-r /etc/network/interfaces
Примеры конфигураций
WPA2 + статический IP, скрытый ESSID:
iface wlan0 inet static address 192.168.168.40 gateway 192.168.168.230 dns-nameservers 192.168.168.230 netmask 255.255.255.0 wpa-driver wext wpa-ssid wpa-ap-scan 2 wpa-proto RSN wpa-pairwise CCMP wpa-group CCMP wpa-key-mgmt WPA-PSK wpa-psk [ВАЖНО - см. Генерация ключа] auto wlan0
WPA1 + DHCP, ESSID виден всем:
iface wlan0 inet dhcp wpa-driver wext wpa-ssid <имя_точки_доступа> wpa-ap-scan 1 wpa-proto WPA wpa-pairwise TKIP wpa-group TKIP wpa-key-mgmt WPA-PSK wpa-psk <hex_ключ> [ВАЖНО - см. Генерация ключа] auto wlan0
Смешанный режим (WPA1, WPA2) + DHCP, ESSID виден всем:
iface wlan0 inet dhcp wpa-driver wext wpa-ssid wpa-ap-scan 1 wpa-proto WPA RSN wpa-pairwise TKIP CCMP wpa-group TKIP CCMP wpa-key-mgmt WPA-PSK wpa-psk [ВАЖНО - см. Генерация ключа] auto wlan0
LEAP, WEP, DHCP, ESSID виден всем:
iface wlan0 inet dhcp wpa-driver wext wpa-ssid wpa-ap-scan 1 wpa-eap LEAP wpa-key-mgmt IEEE8021X wpa-identity wpa-password auto wlan0
PEAP, AES, DHCP, ESSID виден всем:
iface wlan0 inet dhcp wpa-driver wext wpa-ssid wpa-ap-scan 1 wpa-proto RSN wpa-pairwise CCMP wpa-group CCMP wpa-eap PEAP wpa-key-mgmt WPA-EAP wpa-identity wpa-password auto wlan0
TTLS, WEP, DHCP, ESSID виден всем:
iface wlan0 inet dhcp wpa-driver wext wpa-ssid wpa-ap-scan 1 wpa-eap TTLS wpa-key-mgmt IEEE8021X wpa-anonymous-identity wpa-identity wpa-password wpa-phase2 auth=PAP [Также: CHAP, MSCHAP, MSCHAPV2] auto wlan0
Ну вот WiFi на сервере настроен.
=====
Удачи. Не болейте и не кашляйте.
~$ h4cks4w