I've already written about configuring and using DLink wireless card with the help of RT61 driver. However, few readers like to know more about Wi-Fi Protected Access (WPA and WPA2) secure wireless configurations.
Step # 1: Configure Router / AP with WPA2 Security Mode
First you need to configure WPA2 security mode on the access point. All devices on your network must use the same security mode in order to communicate. Open router configuration by visiting default IP https://192.168.1.1/ and setup
- Security Mode: WPA2 Personal
- WPA2 Algorithm: You may choose from AES or TKIP+AES. Choose TKIP+AES if you have both WPA and WPA2 devices on your network.
- WPA2 Pre-Shared Key: Choose a unique key to authenticate with other devices on your network. The Pre-Shared Key must be between 8 and 63 characters in length. You can generate unique key by visiting this webpage. You can also use standard UNIX / Linux utilities to generates true random passwords (key) by using the /dev/random feature of Linux.
- Group Key Renewal: This settings determines how often your group key changes.
Step # 2: Configure RT61 Wireless Card
Open /etc/network/interfaces file and make changes as follows:
$ sudo vi /etc/network/interfaces
auto ra0 iface ra0 inet dhcp pre-up iwconfig ra0 mode managed pre-up ifconfig ra0 up pre-up iwconfig ra0 essid nixcraft pre-up iwpriv ra0 set AuthMode=WPA2PSK pre-up iwpriv ra0 set WPAPSK='|zdUkK(!X)_'G!}@1|@OS/6RA#'+}eq8b&V@x1%OZyyDVV:Xwp8UmwLFNS^7=A+' pre-up iwpriv ra0 set EncrypType=AES
Save and close the file. Make sure you replace device name (ra0), essid and WPAPSK with actual configuration parameters. Restart the networking:
$ sudo /etc/init.d/networking restart
Other simple security suggestion
- Change the default admin password on the access point / router.
- If possible turn off administration feature on the access point for wireless interface
- Set up an access control list by Mac address of all devices you want to associate with the access point.
Please note that above instructions are only tested using RT61 driver under Ubuntu Linux. However, instructions should work with any other Linux distos and drivers with minor or minimum changes.
- man pages - iwpriv, interfaces, iwconfig
- Original RT61 configuration how to
- Wi-Fi Alliance's WPA2 page
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop