JRRZZ blog

It seems more and more people are using GNU/Linux these days. Good! Our friends over at the Fontys University of Professional Education (grin) don’t really support that. Here’s a short instruction how to connect to the wireless network using any Debian like distro. I (of course) use Debian GNU/Linux. This should also work for Ubuntu, *MEPIS and Knoppix related projects.

Yes, this entire howto focuses on the command line. All the commands in the nifty boxes should be entered in a root terminal. Use su or sudo bash to become root.

First, we need to check if your wireless card is detected and working properly. Install the wireless tools to play around with your wireless config.

apt-get update
apt-get install wireless-tools

Now, you can check wether your network card is detected.

iwconfig

If all the devices have “no wireless extensions” you should install your wireless driver. Since that’s not the focus of this howto we’ll skip that part. Of course you’re free to contact me if you can’t get your card to work. Now we’ve got the wireless card up and running you can make a little victory dance because from now on it’s plain sailing ’till the end.

The next part: WPA support. Well, the Fontys network doesn’t really use WPA encryption but randomly distributed WEP using 8021X. But we still need the WPA support software to decode and handle 8021X requests.

apt-get install wpasupplicant

This software needs some configuration. Use your favourite editor to edit it. If you don’t know, use nano.

nano /etc/wpa_supplicant/wpa_supplicant.conf

Be sure the following lines are present:

ctrl_interface=/var/run/wpa_supplicant

network={
        ssid="fontys"
        key_mgmt=IEEE8021X
        eap=PEAP
        phase2="auth=MSCHAPV2"
        identity="PCN@student.fontys.nl"
        password="PASS"
}

Be sure to change PCN and PASS to the proper values. Now we can test it. This will generate a lot of output so make sure a lot of people are watching. It just looks cool. Be sure to change IFACE to the interface not telling you it has “no wireless extensions” from the iwconfig output. You may want to change the -D parameter from wext to that of your wireless driver. This one is the most common though. Check man wpa_supplicant what options you’ve got.

wpa_supplicant -dd -i IFACE -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf

We’re almost there! Now we need to get an IP address to browse the internet. Again, change IFACE to the proper interface. You should also open a new terminal to do this, because wpa_supplicant needs to keep running.

dhclient IFACE

If everything went well you should be able to browse the internet. If not, double check your configuration.

We’re not completely done yet. Of course you don’t want to run that silly command every time you want to read your mail or watch national geographic videos. Luckily there is a way to include this system into the global networking system. Edit the following file:

nano /etc/network/interfaces

And add the following lines (and delete the lines already present for your interface). I’m not going to tell you you should replace IFACE with your interface a third time. Oh wait…

iface IFACE inet dhcp
       wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

What this does is hooking the wpasupplicant subsystem into the ifup/ifdown calls. Every time some other system brings up your wireless card it’ll automatically start searching for the fontys network. One other system that uses this method is ACPI. So when your laptop goes to sleep and wakes up again, it’ll connect to the nearest network using our config.

Neat eh? Now all you need is doing this (insert IFACE joke here):

ifup IFACE

every time you want to use your wireless driver. No worries, even this is automated by most network managers. So if you’re using Ubuntu or MEPIS you’re really done now, I guess.

You can also add some more networks to /etc/wpa_supplicant/wpa_supplicant.conf if you want to. Debian offers some examples in /usr/share/doc/wpasupplicant/examples/. Check your distro documentation where you can find yours. If you add the contents of some of those files to wpa_supplicant.conf and edit it to match your home network config you can even put your laptop to sleep downloading stuff and continue the download at home.

Next: exploiting the weak security of the fontys network to gain access to your school results. Yes, it’s possible!

Tags: Support //