Debian Linux Configure Wireless Networking With WPA2

by on January 15, 2011 · 9 comments· LAST UPDATED January 15, 2011

in

I've Atheros AR5001 wifi a/b/g card detected and supported natively under Linux. How do I configure my wireless card with WPA2 networking using /etc/network/interfaces file?

Wi-Fi Protected Access II (WPA2 i.e. IEEE 802.11i) is security protocols for wireless communication. It introduces CCMP, a new AES-based encryption mode with strong security in mind. Under Debian Linux you need to install wpasupplicant to support for WPA and WPA2 networks. Open a command-line terminal (select Applications > Accessories > Terminal), and then type the following commands as root user:

Step #1: Install wpasupplicant

To install wpasupplicant simply type the following command as root user:
# apt-get install wireless-tools
OR
# apt-get install wpasupplicant

Step #2: Verify WiFi / Wireless Card Is Detected

Use the lspci command to verify that card is detected:
# lspci
# lspci | grep -i wlan
# lspci | grep -i wireless
# lspci | grep -i wifi
# lspci -nn | grep Network

Sample outputs:

0c:00.0 Network controller: Intel Corporation Ultimate N WiFi Link 5300

This page explains the lspci command to find out Wireless driver chipset information under Linux. Or you can go to Linux wireless LAN support page and make sure your card is listed as supported device under Linux. You can also see your wireless interface name using the following command:
# ifconfig -a
OR
# dmesg | grep -i wlan
# dmesg | grep -i wireless

Step #3: Configure WPA2

Edit /etc/network/interfaces file, enter:
# vi /etc/network/interfaces
Setup wlan0 with the SSID and PSK as follows:

 
auto wlan0
iface wlan0 inet dhcp
    wpa-ssid YOUR-SSID-HERE
    wpa-psk YOUR-PASSWORD-HERE
 

Make sure you use strong pass-phrase. Save and close the file. You can now connect to the interface, enter:
# ifup wlan0
# ifconfig wlan0
# ping router-ip-here
# ping google.com

OR you can restart the networking service using any one of the following method:
# /etc/init.d/networking restart
OR
# service networking restart

Get Info About Your Network

To see more info about wifi, enter:
# iwconfig wlan0

Scan Your Wireless Network

Type the following command:
# iwlist wlan0 scan

Sample /etc/network/interface Config File

 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto eth0
iface eth0 inet static
        address 192.168.1.5
        netmask 255.255.255.0
        network 192.168.1.0
        gateway 192.168.1.1
 
# The wireless network interface with dhcp
auto wlan0
iface wlan0 inet dhcp
    wpa-ssid nixcraft
    wpa-key-mgmt WPA-PSK
    wpa-group TKIP CCMP
    wpa-psk YOYR-PASSWORD-HERE
 

Troubleshooting wpa_supplicant

See wpa_supplicant log file /var/log/wpa_supplicant.*.log using the tail, more, or grep command:
# tail -f /var/log/wpa_supplicant.wlan0.log
# grep 'something' /var/log/wpa_supplicant.wlan0.log

A Note About GUI Configuration Tool

You can use NetworkManager - a graphical interfaces for GNOME and KDE. If you are using NetworkManager, avoid using Debian's /etc/network/interfaces file. See this page for more information about Gnome / KDE wireless network config tool.

Recommended readings:

Anytime you need assistance with Linux wifi configuration option, turn to the following man page first. It will give you detailed information, parameters and switches for wifi configurations. For example, man 5 interfaces opens the man page for the interfaces network configuration file:
$ man 5 interfaces
$ man 8 wpa_supplicant
$ man 8 iwconfig
$ man 8 iwlist

See how to use apt-get command to install packages under Linux.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 9 comments… read them below or add one }

1 Alex April 6, 2011 at 10:01 pm

Thank you very much.
It’s helped for me on Debian 6.0.1 Squeeze.

Reply

2 Mr.Mac October 3, 2011 at 8:12 pm

Thanks for the nice tut!

I used it w. Debian 6 squeeze w. an old Mac Min who has a

root@macmini:~# lspci | grep -i wireless
02:00.0 Ethernet controller: Atheros Communications Inc. AR5001 Wireless Network Adapter (rev 01)

I chose a static IP:

root@macmini:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
	address 10.0.0.5
	netmask 255.255.255.0
	network 10.0.0.0
	broadcast 10.0.0.255
	gateway 10.0.0.1
	# dns-* options are implemented by the resolvconf package, if installed
	dns-nameservers 10.0.0.1
auto wlan0
iface wlan0 inet static
        wpa-ssid ***hidden***
        wpa-psk ***hidden***
        address 10.0.0.6
        netmask 255.255.255.0
        network 10.0.0.0
        broadcast 10.0.0.255
        gateway 10.0.0.1
        # dns-* options are implemented by the resolvconf package, if
        # installed
        dns-nameservers 10.0.0.1

everything works fine, BUT…:

When I unplug the ethernet cable, the wireless connection vanishes.
Why is this so and how can I prevent it from happening? :)

Cheers! :)

Reply

3 Wizzy April 14, 2012 at 9:12 am

It is static solution and today world is dynamic. It is rather most awkward solution I ever have seen. Use Network Manager instead. It would remember password and they won’t be stored in plain text. What is the point for WPA/RSN (there no such thing as WPA2, standard do not specify any WPA1 nor WPA2 – just WPA and RSN and coding standards TKIP and CCMP), if you would provide password for potential cracker in plain text?

Reply

4 Gandur May 8, 2012 at 8:08 pm

Lol…isn’t it possible to etablish wlan WPA2 with static configuration?

The statis config was also the problem why my network wasn’t working. I have to enable the dhcpd on the router an open crackers a door more?! ;)

Reply

5 neonsignal June 1, 2012 at 12:23 pm

An alternative to storing the WPA SSID and passphrase in the /etc/network/interfaces file is to store them in /etc/wpa_supplicant/wpa_supplicant.conf. The advantage of this is that the passphrases are not readable to non-root users.

The wpa_supplicant.conf is not as simple in format; but a stanza can be generated by using the wpa_passphrase tool:

wpa_passphrase ssid key >>/etc/wpa_supplicant/wpa_supplicant.conf

You then need to add a line to the /etc/network/interfaces iface stanza so that it knows where it find the configuration:

wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

There are, of course, options for using WPA2 and setting any other parameters.

Reply

6 Gandur June 3, 2012 at 10:25 am

The network-manager of ubuntu disallowed me to configure wlan with static addresses. After a deinstallation of it and a reboot works my wlan with static configuration perfect.

Reply

7 Nick June 13, 2012 at 7:13 pm

Awesome article that really helped me. Stupid question, how would you enter an ssid that’s multiple words? My ssid was “Nick’s Network” and I entered: wpa-ssid “Nick’s Network” and it refuse to obtain an IP. In desperation I changed the ssid on the router to Nick and now it works fine. What was I doing wrong?

Reply

8 nixCraft August 23, 2012 at 2:23 pm

It should work:

wpa-ssid "YOUR SSD HERE"

It is possible that ‘ an apostrophe may have caused the problem.

Reply

9 Rondinelli December 13, 2013 at 1:24 am

Thank you! Works very well!! :)

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: