Saturday, 9 June 2012

Centos 6/RHEL WEP Wireless Setup

This tutorial is to set up WEP wireless on the Centos 6 Minimal Desktop although it can be used for other rpm based distros, for anyone who has a router that will only encrypt in WEP, or just live where only WEP is available, otherwise you may benefit from the Wireless WPA2 with Static IP Tutorial.

We just want to connect a single computer via wireless so it shouldn't be a big deal, after all this is not some multiple domain server monster with many different configurations.


I went for the simple command line method and set up a script after setting my router to encrypt the key via basic WEP in 128bit open format (not shared or restricted)


WEP is easy to crack and shouldn't be used normally, especially in cities and densely populated areas as you are bound to have someone nearby who will crack your wireless at the drop of a hat.


You can set it to hidden ssid & use 128bit encryption with a hex key, which should help a little if you are forced to use WEP.

Use a little common sense, in critical situations you'd be advised NOT to do it this way but if your router only has WEP encryption (rare now) than you can get away with this method.

This method is for WEP using DHCP



You will need
  • A detected wireless device
  • dhcp and wireless-tools installed
  • The ifcfg-wlan0 file described below
  • The bash script described below
The procedure is as follows, this assumes that you actually have installed a driver for your pci/usb wireless device and that it is detected by your OS. Your system may call wlan0 something else, likewise with eth0.

Get dependencies

$ sudo yum -y install dhcp wireless-tools


Check your network

$ sudo ifconfig -a              





If wlan0 is not showing then there is a problem with your drivers and you cannot proceed. Try  http://linuxwireless.org/en/users/Drivers/ to see if there is one for your device. 

You can also use lsmod

$ lsmod | less

Scroll down with up/down arrows to see if it shows up.

Additionally, you can use getinfo if you install it.

$ getinfo.sh network

Set up the router.

Set up your router with a WEP encryption key in open 128bit format.


You can give it a hex key or asci (string) which is converted by the router  to hex, some routers don't give you the converted key back in which case get a calculator that will convert a string to hex, or use the online converter below, and get the value that way. I use a phrase converted to a hex value.

(If your string is 'thebigfatlazydog' just enter that into a converter and get the hex value back, this hex value is used in the command to connect. Some applications require you to enter the hex value even though you may have set a string in your router settings)


So use the online converter 

The WEP encryption has to be open , not shared or restricted.

Building the ifcfg-wlan0 file.


We will write a configuration file called ifcfg-wlan0 (or the name it is detected as, remember, we're doing this manually) in /etc/sysconfig/network-scripts/ it should look similar to:


TYPE=Wireless

DEVICE=wlan0          
BOOTPROTO=dhcp
BROADCAST=192.168.0.255
HWADDR=48:02:2a:91:63:90
NETMASK=255.255.255.0
ONBOOT=no
ONHOTPLUG=yes
PEERDNS=no
USERCTL=yes
IPV6INIT=no
ESSID=minimallinux
CHANNEL=6
MODE=Managed
RATE=150Mb/s

Now issue the dmesg command to obtain MAC/HWADDR

$ dmesg 


Or if you already have a ifcfg-wlan0 file

$ sudo grep wlan0 /var/log/dmesg
(you'll probably have to unplug and replug your device, especially usb)

****************************************************************

Look for 'ADDRCONF(NETDEV_UP): wlan0: link is not ready' and  'MAC Address =
48:02:2a:91:63:90

OR similar to

usb 1-7: New USB device found, idVendor=0bda, idProduct=8176

then lower down the output

EEPROMVID = 0x0bda
EEPROMPID = 0x8176




_ReadMACAddress MAC Address from EFUSE = 48:02:2a:91:63:90


****************************************************************

which tells you that your device is detected and has a MAC Address of 48:02:2a:91:63:90 (which you will need for your ifcfg-wlan0 file, that is the HWADDR)

Now build the ifcfg-wlan0 config file


$ sudo vi /etc/sysconfig/network-scripts/ifcfg-wlan0 and enter the above with the appropriate alterations to suit your system.


See Vim Editor for vi commands 

You should also be able to get the BROADCAST, NETMASK and HWADDR entries from the 'ifconfig -a' command


Once the config file is in place with the correct details reboot the computer.


Making the connection.


First make sure that dhcp and wireless-tools are installed


$ sudo su                    


# yum -y install dhcp wireless-tools


Stop existing network connection


# service NetworkManager stop 


Or disable it
             
# chkconfig --level 2345 NetworkManager off

You can check by issuing


# chkconfig --list NetworkManager     

which should show all levels at off.

# ifconfig eth0 down                           


To take down eth0

Now issue the command


# ifconfig wlan0 up         


To bring up the interface

# iwlist wlan0 scan         

You should get output like

wlan0     Scan completed :

          Cell 01 - Address: 1C:BD:B9:BE:8A:26
                    ESSID:"minimallinux"
                    Protocol:IEEE 802.11bgn
                    Mode:Master
                    Frequency:2.437 GHz (Channel 6)
                    Encryption key:on
                    Bit Rates:300 Mb/s
                    Quality=100/100  Signal level=100/100

which shows that it found my network with essid 'minimallinux' protected by an encryption key on channel 6 at 2.437Ghz, the ESSID goes into the /etc/sysconfig/network-scripts/ifcfg-wlan0 file.


Now issue the command


# iwconfig wlan0 essid minimallinux key 73237255565679686974657979


the essid being the name of your wireless network and the key being simply the hex key you have designated (or converted from a text string)


No output back is fine, after around 10 seconds issue the command


# dhclient wlan0             


Obtains an address via dhcp, again no output back is fine.

You can ping your router to check


# ping 192.168.0.1              (use your router address)


64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.826 ms

64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.800 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=1.36 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=64 time=0.811 ms
64 bytes from 192.168.0.1: icmp_seq=5 ttl=64 time=0.930 ms
64 bytes from 192.168.0.1: icmp_seq=6 ttl=64 time=0.839 ms

Means it is working             


# ping yahoo.com                


64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=1 ttl=46 time=153 ms

64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=2 ttl=46 time=153 ms
64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=3 ttl=47 time=148 ms
64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=4 ttl=46 time=166 ms

That's it, we are online.





If you reissue the dmesg command now, the line


ADDRCONF(NETDEV_UP): wlan0: link is not ready


  changes to


ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready


If you reissue the ifconfig -a command as root again it should show your connection up, this time with the address etc that it has been assigned like this


wlan0     Link encap:Ethernet  HWaddr
48:02:2a:91:63:90
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::4a02:2aff:fe93:c74/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:644 errors:0 dropped:5771 overruns:0 frame:0
          TX packets:746 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:233983 (228.4 KiB)  TX bytes:153079 (149.4 KiB)

The connection script.

To avoid having to type all those commands every time, you can put everything in a little script and place it in the /usr/local/bin directory, issuing one command to start it.

# vi /usr/local/bin/wireless.sh       

Type into it

#! /bin/bash

ifconfig wlan0 up
iwconfig wlan0 essid minimallinux key 73237255565679686974657979
sleep 10
dhclient wlan0

Changing the essid and the key to yours. Save & chmod it.


# chmod u+x /usr/local/bin/wireless.sh  


To make it executable

Now when you log on you can open a root terminal


$ sudo su

# wireless.sh 


To start your wireless connection.

Static IP and Onboot

If you use wireless exclusively then you might want to give it a static IP and have it connect on booting the system. In this case you won't need the shell script, but create a keys file for the router key and to put some extra lines in the ifcfg-wlan0 file.

$ sudo vi /etc/sysconfig/network-scripts/keys-wlan0

Put in the file

KEY=YOURWEPKEYSTRINGORHEX

Change the lines in ifcfg-wlan0

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-wlan0

BOOTPROTO=static
DHCPCLASS=
IPADDR=192.168.0.100       #pick an IP in a valid range
GATEWAY=192.168.0.1        #your router IP address


So that's Centos 6 with a wireless usb and WEP standard encryption.


WPA2 requires the use of either wpa_supplicant and hostapd or Wicd, NetworkManager and similar programs, so thats for another post, as is wireless with a static IP & network bridge.

See also the post on Realtek USB Wireless for Centos 6
















8 comments:

  1. Pas nih, lagi nyari artikel setting wireless/router, nemu artikel ini, makasih atas sharing ilmunya

    ReplyDelete
  2. Thank you very much for this tutorial.
    It was VERY helpful and did save me a ton of time....

    -Ed

    ReplyDelete
  3. You say "...and the key being simply the hex key you have designated (or converted from a text string)" and I would say, what hex key I've designated??

    ReplyDelete
  4. When you set up your router wireless settings you are asked to set a WEP encryption key, you have to set this up as 'open' format, not shared or restricted. This is the key you supply in the command along with the essid.

    If you set it as a string you may have to convert it to a hex key value depending on your setup, so you can convert the string to a hex key as desribed using the link to the online converter above.

    ReplyDelete
  5. I wondering where are people use WEP not WPA2? I checked for one year in my town - nobody, just nobody use WEP. 365 days... three time per day...
    I will apreciate as any other new users in CentOS if you write article for WPA2 exactly for minimal linux.
    Thanks.

    ReplyDelete
  6. Will look in to it, have finish a University module first though, Regards

    ReplyDelete
  7. What a good and lovely document. Thanks very much

    ReplyDelete
  8. Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic.
    Netgear Router Tehnical Support

    Thankyou
    Lacy Brown

    ReplyDelete