slackware-current/patches/source/wpa_supplicant/README.slackware
Patrick J Volkerding 970e55afb6 Wed Feb 28 18:36:48 UTC 2024
patches/packages/wpa_supplicant-2.10-x86_64-2_slack15.0.txz:  Rebuilt.
  Patched the implementation of PEAP in wpa_supplicant to prevent an
  authentication bypass. For a successful attack, wpa_supplicant must be
  configured to not verify the network's TLS certificate during Phase 1
  authentication, and an eap_peap_decrypt vulnerability can then be abused
  to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
  Success packet instead of starting Phase 2. This allows an adversary to
  impersonate Enterprise Wi-Fi networks.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-52160
  (* Security fix *)
2024-02-29 13:30:42 +01:00

55 lines
2 KiB
Text

=================================================
How do I get my card to use WPA-PSK in Slackware?
=================================================
First off: wpa_supplicant REQUIRES the AP to broadcast the SSID. When the AP
hides its SSID, all you will get out of wpa_supplicant is the message:
"No suitable AP found"
Also, read the MADwifi FAQ (http://madwifi.sourceforge.net/dokuwiki/doku.php)
since it contains a wealth of information.
This being said, you'll have to do the following (as root):
Edit the file named /etc/wpa_supplicant.conf and add these lines:
network={
scan_ssid=0
proto=WPA
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP WEP104 WEP40
}
Then execute:
/usr/sbin/wpa_passphrase YOURSSID passphrase
with the SSID of your AP and the passphrase you've entered in its WPA-PSK configuration. You'll receive an output, which looks like this:
network={
ssid="YOURSSID"
#psk="passphrase"
psk=66a4bfb03de5656cf26cfa03a116097546046f4aea11ee044b841171207d8308
}
Copy the three lines within the network-tag into your own entry in wpa_supplicant.conf and change the permissions after you've finished editing:
chmod 640 /etc/wpa_supplicant.conf
To get your network device up and running, execute:
### /usr/sbin/wpa_supplicant -Bw -c/etc/wpa_supplicant.conf -iath0 -Dmadwifi ###
### you don't have to run the above command by hand, because it will ###
### be executed by the rc.inet1 command that you run: ###
/etc/rc.d/rc.inet1 ath0_start
In case you want to see the wpa_supplicant in action, start it on the command line before enabling the wireless device, by running:
/usr/sbin/wpa_supplicant -dw -c/etc/wpa_supplicant.conf -iath0 -Dmadwifi
The terminal where you've started the wpa_supplicant should now show the communication between your wlan card and the AP. If you got everything up and running you can let Slackware's init script take over by killing wpa_supplicant and running:
/etc/rc.d/rc.inet1 ath0_restart
Studying the wpa_supplicant README is also highly recommended for further insight!