Monday, November 21, 2016

Connecting to WiFi using Debian's /etc/network/interfaces

It's fairly easy to connect to a wireless network from the command line using /etc/network/interfaces if you know what you're doing. When connecting to a network with WPA or WPA2 encryption, you will need wpa_supplicant, but you don't need to create a conf file. Instead, options corresponding to wpa_supplicant.conf options can be placed directly in /etc/network/interfaces. Those options aren't documented in the man page, but you can find them in /usr/share/doc/wpasupplicant/examples/wpa_supplicant.conf.gz . Add a wpa- prefix and change the underscore to a dash. For example, scan_ssid in wpa_supplicant.conf becomes wpa-scan-ssid in /etc/network/interfaces. Something like this was suggested elsewhere.

iface wlan0 inet dhcp
    wpa-scan-ssid 1
    wpa-ap-scan 1
    wpa-key-mgmt WPA-PSK
    wpa-proto RSN WPA
    wpa-pairwise CCMP TKIP
    wpa-group CCMP TKIP
    wpa-ssid "<your ssid>"
    wpa-psk "<your password>

You only need wpa-scan-ssid 1 if you want to connect to a non-broadcasting network. Some of the other parameters have sensible defaults. Note that RSN is WPA2 and CCMP is the most secure encryption. The wpa-ssid quotes will be stripped, so you can use a SSID with leading and/or trailing spaces. This is not possible with wireless-essid.

You can also use other /etc/network/interfaces options, like an allow-hotplug wlan0 line so the interface gets configured when you plug in the dongle, or a static IP instead of DHCP. The interfaces(5) man page only lists a few of the options. Others are provided by shell scripts installed by other packages, like /etc/wpa_supplicant/ for the wpa- options.

Once everything is done, you can use sudo ifup wlan0 to connect. For some reason, that command can become unresponsive to attempts to kill it, and the ifup process may need to be killed elsewhere. Use sudo ifdown wlan0 to disconnect.

No comments: