Manual wireless config for Fedora 19

Manual configuration of wireless connections on a Linux system is a bit of a black art. Look below for how to do it on Fedora 19.

This is my own recipe developed over a few days of experimentation and a great deal of Googling.

While NetworkManager may work well for simple laptop clients, it can be a nightmare for fixed assets like workstations and servers. I almost always disable NM on the latter class of machine. Up until recently the major exceptions were systems that connect wirelessly. This was mostly due to outdated and confusing instructions on manually configuring wireless interfaces on Linux.

Instead of going into a lot of boring theory, let me first provide real life examples of my own configurations for a Fedora 19 media server running a Realtek based wireless card.

First, there’s the interface init script that on Red Hat derived distros like Fedora are located under /etc/sysconfig/network-scripts. Since the introduction of the new BIOS device-based naming convention for network hardware interfaces I’ve found it best to just go with the flow. On my system the Realtek wireless card comes up as wlp3s0. To discover what yours might be you can run the following command:

iwlist scan

Once you know the device name and MAC, you can construct the init script. Here’s mine:

# /etc/sysconfig/network-scripts/wlp3s0
NAME="wlp3s0"
DEVICE=wlp3s0
HWADDR=64:66:B5:EA:13:11
IPV4_FAILURE_FATAL=no
BOOTPROTO=static
TYPE=Wireless
DEFROUTE=yes
ONBOOT=yes
IPADDR=172.16.1.62
GATEWAY=172.16.1.1
NETMASK=255.255.255.0
IPV4_FAILURE_FATAL=no
MODE=Managed
ESSID="sucasa"
WPA_ALLOW_WPA=yes
WPA_ALLOW_WPA2=yes
KEY_MGMT=WPA-PSK
PEERROUTES=yes
IPV6INIT=no
IPV6_FAILURE_FATAL=no
USERCTL=no
NM_CONTROLLED=no

Note that the above config reflects the fact that my wireless router is configured for WPA2 (AES) with a pre-shared key (PSK).

Next, assuming the network access point being used is protected by WPA2 security (WEP, although simple to set up, is simply too insecure even for home networks), wpa_supplicant needs to be configured. Again, every distro has its own peculiar location and/or name for the file. On Fedora 19 it is located by default under /etc/wpa_supplicant and called wpa_supplicant.conf.

# /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel

network={
        ssid="sucasa"
        #psk="reallybadpass"
        psk=d849b5ddf31ea33fa3c125f9605544ff476a69a2b747894c81bcbb64eaf9d3a4
}

Here’s how you generate the network section of the wpa_supplicant configuration file:

wpa_passphrase sucasa reallybadpass >>wpa_supplicant.conf

In the example above sucasa is the ESSID of the access point, while “reallybadpass” is the passphrase that needs to be encoded. The output is appended to the existing configuration file.

With these in place bringing up the wireless connection should be as simple as doing an “ifup wlp3s0” (interface name will vary according to the hardware used).

Running ifconfig should confirm the interface is in operation.

Postscript:

These are the steps for making an entirely manual wireless connection using an as yet unconfigured interface. This is helpful in testing if the card is working at all, as well as if the system can interface with it. I’ve found that Realtek cards work best with Linux, Atheros not so much. Intel cards, found in many laptops, mostly work although I’ve come across exceptions. The problems that people using Windows sometimes have with their wireless connection is not always Microsoft’s fault: those kinds of issues often result from engineering decisions made (or not made) by a contract manufacturers in China.

To get a list of wireless-enabled interfaces and access points:

Before starting, make sure that both the wireless-tools and wpa_supplicant are installed.

iwlist scan

Create the WPA configuration file:

wpa_passphrase sucasa >testwpa.conf

Here, “sucasa” is the ESSID of the access point you want to connect to. The tool will prompt you for the passphrase (e.g. “badpassword”). You could also spell out the passphrase on the command line:

wpa_passphrase sucasa badpassword >testwpa.conf

Now intiate the WPA session:

wpa_supplicant -Dwext -iwlp3s0 -c ./testwpa.conf

Here, the most commonly appropriate driver, wext, is invoked, along with the wireless enabled interface found above, and the WPA configuration just written out.

Get an address from the access point over DHCP, by releasing and renewing:

dhclient -r
dhclient wlp3s0

Do an ifconfig to confirm that the wireless interface is up and running with an IP address.

[root@mine ~]# ifconfig wlp3s0
wlp3s0: flags=4099  mtu 1500
        inet 172.16.1.125  netmask 255.255.255.0  broadcast 192.168.0.255
        ether 64:66:b3:eb:30:49  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
This entry was posted in System Administration on by .

About phil

My name is Phil Lembo. In my day job I’m an enterprise IT architect for a leading distribution and services company. The rest of my time I try to maintain a semi-normal family life in the suburbs of Raleigh, NC. E-mail me at philipATlembobrothersDOTcom. The opinions expressed here are entirely my own and not those of my employers, past, present or future (except where I quote others, who will need to accept responsibility for their own rants).