wpa_supplicant and WEP....

Brooks Davis brooks at one-eyed-alien.net
Fri Sep 30 15:26:28 PDT 2005

On Fri, Sep 30, 2005 at 04:28:32PM -0500, Eric Schuele wrote:
> Brooks Davis wrote:
> >On Fri, Sep 30, 2005 at 03:36:31PM -0500, Eric Schuele wrote:
> >
> >>James Snow wrote:
> >>
> >>>On Fri, Sep 30, 2005 at 09:56:21AM -0500, Eric Schuele wrote:
> >>>
> >>>
> >>>>I have gotten wpa_supplicant to work fine for WPA-PSK and open sites... 
> >>>>but I would like it to work with WEP as well.  it appears to associate 
> >>>>with a WEP site no matter what WEP key I give it.  But whether the key 
> >>>>is correct or not... I can not get a response from my DHCP server.
> >>>>
> >>>>My wpa_supplicant entry:
> >>>
> >>>...
> >>>
> >>>
> >>>>wep_tx_keyidx=0
> >>>
> >>>
> >>>I would try dropping this line. I use wpa_supplicant to connect to a
> >>>number of different wireless networks and for the WEP-only ones I've
> >>>never needed anything more than:
> >>>
> >>>ssid=...
> >>>key_mgmt=NONE
> >>>wep_key0=...
> >>>
> >>
> >>Still no go.  The wep_key0 is the clear text passphrase, correct?  Not
> >>one of the encrypted keys? right?
> >
> >
> >The entry in the example file shows both hex and ascii keys.  No
> >excryption of keys is supported by standard WEP so if your AP is doing
> >something like that you need to get the hex key it's using from it.
> If I attempt to use the hex key... it fails to parse the wpa_supplicant 
> file!?!  The AP is a linksys something-or-other... and when you type in 
> a cleartext passphrase it generates 4 hex keys.  I have tried both the 
> passphrase and the hex keys.

You definitly need to use the hex keys.  Turning a password into four
hex keys is absolutly not part of the standard.  How are you entering
your hex keys?  The examples are a bit unclear, but digging around in
the code it looks like unquoted strings are assumed to be hex strings.
They should not be prefixed by 0x.  The manpage needs some help in this

> >Have you been able to connect by hand (not using wpa_supplicant)?  If
> >not, do that first.
> Yes... I can connect using the following script

Good.  Hopefully it's just a confusing config file issue.

-- Brooks

Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20050930/f3614e87/attachment.bin

More information about the freebsd-current mailing list