ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

WiFi with AES

Wed Jun 12, 2013 3:14 am

Hi,
How to configure WiFi adapter for AES instead of TKIP? I am using wheezy and the /etc/wpa_supplicant/wpa_supplicant.conf is below,

Code: Select all

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
        ssid="MySSID"
        proto=RSN
        key_mgmt=WPA-PSK
        pairwise=CCMP
        group=CCMP
        psk="MYPASSWORD"
}
Is this correct?

erikcf
Posts: 19
Joined: Thu May 23, 2013 4:17 am

Re: WiFi with AES

Wed Jun 12, 2013 3:20 am

I think the RSN means WPA2 and I think CCMP is a type of AES.

pjc123
Posts: 913
Joined: Thu Mar 29, 2012 3:37 pm
Contact: Website

Re: WiFi with AES

Wed Jun 12, 2013 10:52 am

Yes you use CCMP for AES. Here is what it means exactly, if you care:

CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]

And yes, for "proto" either RSN or WPA2 can be used. They mean the same thing in the config file.

Why are you asking? Wouldn't it have been easier to just try it, or did you and it failed?
My Raspberry Pi Project Page:
https://www.flaminghellmet.com/launch/

ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

Re: WiFi with AES

Wed Jun 12, 2013 12:37 pm

I tried, but it seems not working, I am using TL-WN321G which is listed in supported hardware list,

http://elinux.org/RPi_VerifiedPeriphera ... i_Adapters

I am not using a external powered usb hub, instead it connected directly, the following is the /etc/network/interfaces

Code: Select all

auto lo
iface lo inet loopback
#
# Static IP Settings
iface eth0 inet static
address 192.168.1.5
network 192.168.1.0
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1

allow-hotplug wlan0
auto wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
#iface default inet dhcp
I need to use ethernet as well as wifi (not simultaneously), so any problem for the above configuration?

pjc123
Posts: 913
Joined: Thu Mar 29, 2012 3:37 pm
Contact: Website

Re: WiFi with AES

Wed Jun 12, 2013 4:34 pm

I use my router to set up static addresses for my pis through DHCP, so I can't help you there as I have never set up a static address in the /etc/network/interfaces file, although there are a bunch of examples on the forum. I don't know what OS you are using, but if it is Debian based, make sure you are using the latest Raspbian image to avoid any extra grief (old drivers, etc). The fact that it states on the wiki that you need a powered hub if using it after boot, but not before, makes me think it might be on the hairy edge of working without a powered USB hub; this is especially true if you are using a Model B Rev 1 board as on the wiki it was tested with a Model B Rev 2 board.
My Raspberry Pi Project Page:
https://www.flaminghellmet.com/launch/

ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

Re: WiFi with AES

Fri Jun 14, 2013 4:01 pm

Hi,
When I tried with dhcp, it says that "wpa-roam" only supported in manual.
Thanks
Ras

pjc123
Posts: 913
Joined: Thu Mar 29, 2012 3:37 pm
Contact: Website

Re: WiFi with AES

Fri Jun 14, 2013 4:36 pm

ras123 wrote:Hi,
When I tried with dhcp, it says that "wpa-roam" only supported in manual.
Thanks
Ras
Did you make the mistake that I see so many people make when using DHCP with roaming and getting the error that you were getting:

Doing this:

iface wlan0 inet DHCP

Instead of the correct form:

iface wlan0 inet manual
My Raspberry Pi Project Page:
https://www.flaminghellmet.com/launch/

ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

Re: WiFi with AES

Fri Jun 14, 2013 4:56 pm

WiFi can be connected using open mode

MrEngman
Posts: 3892
Joined: Fri Feb 03, 2012 2:17 pm
Location: Southampton, UK

Re: WiFi with AES

Fri Jun 14, 2013 5:06 pm

ras123 wrote:Hi,
How to configure WiFi adapter for AES instead of TKIP? I am using wheezy and the /etc/wpa_supplicant/wpa_supplicant.conf is below,

Code: Select all

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
        ssid="MySSID"
        proto=RSN
        key_mgmt=WPA-PSK
        pairwise=CCMP
        group=CCMP
        psk="MYPASSWORD"
}
Is this correct?
Try this

Code: Select all

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
        ssid="MySSID"
        psk="MYPASSWORD"
}
wpa_supplicant can figure out for itself what it has to do to connect.


MrEngman
Simplicity is a prerequisite for reliability. Edsger W. Dijkstra

Please post ALL technical questions on the forum. Please Do Not send private messages.

ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

Re: WiFi with AES

Fri Jun 14, 2013 6:28 pm

Thanks to all, finally I found that the problem is only when the 'mac address filter' is enabled in router, but the device mac address is added in the routers mac tables and it works correctly if the device connected to my PC, but I don't know why this is not working in raspberry pi. Anything to edit?

pjc123
Posts: 913
Joined: Thu Mar 29, 2012 3:37 pm
Contact: Website

Re: WiFi with AES

Fri Jun 14, 2013 6:54 pm

ras123 wrote:Thanks to all, finally I found that the problem is only when the 'mac address filter' is enabled in router, but the device mac address is added in the routers mac tables and it works correctly if the device connected to my PC, but I don't know why this is not working in raspberry pi. Anything to edit?
It should just work. I have all my wifi devices in the mac table of my router (3 wifi dongles and a smartphone) and it works no matter what I use with it (pi, x86 desktop, etc.). I did nothing special to set up the pi.
My Raspberry Pi Project Page:
https://www.flaminghellmet.com/launch/

MrEngman
Posts: 3892
Joined: Fri Feb 03, 2012 2:17 pm
Location: Southampton, UK

Re: WiFi with AES

Fri Jun 14, 2013 7:38 pm

ras123 wrote:Thanks to all, finally I found that the problem is only when the 'mac address filter' is enabled in router, but the device mac address is added in the routers mac tables and it works correctly if the device connected to my PC, but I don't know why this is not working in raspberry pi. Anything to edit?
In the old days there were quite a few people with similar problems. The MAC address was being changed somehow but I don't remember why.

I would think a search on the forum or Google should bring up something. Try this site:raspberrypi.org mac address changing in Google. Brings up a load of stuff so you should find something to help.


MrEngman
Simplicity is a prerequisite for reliability. Edsger W. Dijkstra

Please post ALL technical questions on the forum. Please Do Not send private messages.

ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

Re: WiFi with AES

Sat Jun 15, 2013 4:48 pm

But my mac address is correct, I checked it with ifconfig -a, returns correct mac address

pjc123
Posts: 913
Joined: Thu Mar 29, 2012 3:37 pm
Contact: Website

Re: WiFi with AES

Sat Jun 15, 2013 8:38 pm

ras123 wrote:But my mac address is correct, I checked it with ifconfig -a, returns correct mac address
I know it worked on the other machines and you didn't make any changes since then, but I am going to ask it anyway. Are you sure you didn't make a change, and you are using the wired mac by mistake (instead of the wireless mac)?
My Raspberry Pi Project Page:
https://www.flaminghellmet.com/launch/

ras123
Posts: 21
Joined: Thu May 23, 2013 9:55 am

Re: WiFi with AES

Sun Jun 16, 2013 3:36 pm

No, it is correct, as I already told the device is worked nicely with my PC.

MrEngman
Posts: 3892
Joined: Fri Feb 03, 2012 2:17 pm
Location: Southampton, UK

Re: WiFi with AES

Sun Jun 16, 2013 6:27 pm

ras123 wrote:No, it is correct, as I already told the device is worked nicely with my PC.
I expect it does, but the changes to the MAC address people were seeing on the Pi was not permanent, just temporary, and usually changed each time it rebooted. When used on another machine it would use it's normal MAC address. I just don't remember why this was happening as I didn't take too much notice as mine worked OK.

I would suggest you have a search through the forum for a solution.

MrEngman
Simplicity is a prerequisite for reliability. Edsger W. Dijkstra

Please post ALL technical questions on the forum. Please Do Not send private messages.

Return to “Beginners”