search

eellak / epidose

Privacy-preserving epidemic dosimeter based on DP-3T contact tracing
Apache License 2.0
52 stars 6 forks source link

Set Eduroam wpa_supplicant #24

Open dspinellis opened 4 years ago

dspinellis commented 4 years ago

Using the eduroam Configuration Assistant Tool (CAT).

stefanos1316 commented 4 years ago

So here we need a script that will install the CAT and set the appropriate configurations right? Here is the python script to install and configure the client. Should I add it in the repo and automate the installation process? Also, we should use some default username and password.

dspinellis commented 4 years ago

We only need to run the tool just once ourselves and then add the configuration to the host. More important is to setup #34 using appropriate scripts.

dspinellis commented 4 years ago

The NTUA-provided setup failed to connect.

dspinellis commented 4 years ago

Connecting to the epidose network also doesn't work. Maybe some configuration is required for connection scanning.

dspinellis commented 4 years ago

Running iwlist scan is probably required.

dspinellis commented 4 years ago

As suggested in here creating the following file in /etc/network/interfaces.d/wlan0 seems to allow roaming.

# The wireless network interface
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
stefanos1316 commented 4 years ago

Should the Ansible script configure (Eduroam SSID, psk, etc.) the wpa_supplicant.conf for the Eduroam Wifi too or such information will be included in the image of the Epidose?

dspinellis commented 4 years ago

Yes, it should configure it (WARNING: without including any secrets in the repository — these should be fetched from an environment variable). The Ansible script should be used to create the Epidose image.

stefanos1316 commented 4 years ago

Ok. Yes, Ansible offers env variables, but also command-line variables like (--extra-vars "version=1.23.45") from which we can use to feed our secrets. Do you still prefer to use env variables instead of command-line variables?

dspinellis commented 4 years ago

No preference. But an error message must be shown if the variable isn't set.

stefanos1316 commented 4 years ago

Ansible itself looks for the extra-vars while the specific task is being executed. If not found the ansible-playbook script stops immediately. I am also adding some debug information at the core tasks to better monitor the execution of the ansible script.

dspinellis commented 3 years ago

Although this is not specified in the Eduroam-provided setup, setting anonymous_identity="anonymous" seems to allow the connection with iwconfig providing the following output.

wlan0     IEEE 802.11  ESSID:"eduroam"
          Mode:Managed  Frequency:2.447 GHz  Access Point: 4C:FA:CA:F2:FD:61
          Bit Rate=1 Mb/s   Tx-Power=31 dBm
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          Link Quality=53/70  Signal level=-57 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

However, DHCP does not seem to work. Here is a log for dhclient

Dec 21 13:40:25 epidose2 dhclient[2210]: Internet Systems Consortium DHCP Client 4.4.1
Dec 21 13:40:26 epidose2 dhclient[2210]: Copyright 2004-2018 Internet Systems Consortium.
Dec 21 13:40:26 epidose2 dhclient[2210]: All rights reserved.
Dec 21 13:40:26 epidose2 dhclient[2210]: For info, please visit https://www.isc.org/software/dhcp/
Dec 21 13:40:26 epidose2 dhclient[2210]:
Dec 21 13:40:26 epidose2 dhclient[2210]: Listening on LPF/wlan0/b8:27:eb:68:28:cd
Dec 21 13:40:26 epidose2 dhclient[2210]: Sending on   LPF/wlan0/b8:27:eb:68:28:cd
Dec 21 13:40:26 epidose2 dhclient[2210]: Sending on   Socket/fallback
Dec 21 13:40:26 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 6
Dec 21 13:40:32 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 8
Dec 21 13:40:40 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 11
Dec 21 13:40:51 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 9
Dec 21 13:41:00 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 12
Dec 21 13:41:12 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 12
Dec 21 13:41:24 epidose2 dhclient[2210]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 3
Dec 21 13:41:27 epidose2 dhclient[2210]: No DHCPOFFERS received.
Dec 21 13:41:27 epidose2 dhclient[2210]: Unable to obtain a lease on first try.  Exiting.

and here is the corresponding output of dhcpcd.

Dec 21 13:00:04 epidose2 dhcpcd-run-hooks[1187]: wlan0: starting wpa_supplicant
Dec 21 13:00:04 epidose2 dhcpcd[1179]: wlan0: connected to Access Point `'
Dec 21 13:00:04 epidose2 dhcpcd[1179]: wlan0: executing `/lib/dhcpcd/dhcpcd-run-hooks' NOCARRIER
Dec 21 13:00:04 epidose2 dhcpcd[1179]: no interfaces have a carrier
Dec 21 13:00:04 epidose2 dhcpcd[1179]: forking to background
Dec 21 13:00:04 epidose2 dhcpcd[1198]: wlan0: waiting for carrier
Dec 21 13:00:04 epidose2 dhcpcd[1179]: forked to background, child pid 1198
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: carrier acquired
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: connected to Access Point `eduroam'
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: executing `/lib/dhcpcd/dhcpcd-run-hooks' CARRIER
Dec 21 13:00:06 epidose2 dhcpcd[1198]: DUID 00:01:00:01:26:d1:13:d5:b8:27:eb:68:28:cd
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: IAID eb:68:28:cd
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: adding address fe80::3875:95b7:473a:a93c
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: pltime infinity, vltime infinity
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: delaying IPv6 router solicitation for 0.3 seconds
Dec 21 13:00:06 epidose2 dhcpcd[1198]: wlan0: delaying IPv4 for 0.8 seconds
Dec 21 13:00:07 epidose2 dhcpcd[1198]: wlan0: soliciting an IPv6 router
Dec 21 13:00:07 epidose2 dhcpcd[1198]: wlan0: delaying Router Solicitation for LL address
Dec 21 13:00:07 epidose2 dhcpcd[1198]: wlan0: using ClientID 01:b8:27:eb:68:28:cd
Dec 21 13:00:07 epidose2 dhcpcd[1198]: wlan0: soliciting a DHCP lease
Dec 21 13:00:07 epidose2 dhcpcd[1198]: wlan0: sending DISCOVER (xid 0x82efc26b), next in 3.7 seconds
Dec 21 13:00:08 epidose2 dhcpcd[1198]: wlan0: sending Router Solicitation
Dec 21 13:00:11 epidose2 dhcpcd[1198]: wlan0: sending DISCOVER (xid 0x82efc26b), next in 7.3 seconds
Dec 21 13:00:12 epidose2 dhcpcd[1198]: wlan0: sending Router Solicitation
Dec 21 13:00:12 epidose2 dhcpcd[1198]: wlan0: probing for an IPv4LL address
Dec 21 13:00:12 epidose2 dhcpcd[1198]: wlan0: probing for 169.254.238.231
Dec 21 13:00:12 epidose2 dhcpcd[1198]: wlan0: ARP probing 169.254.238.231 (1 of 3), next in 1.4 seconds
Dec 21 13:00:13 epidose2 dhcpcd[1198]: wlan0: ARP probing 169.254.238.231 (2 of 3), next in 1.3 seconds
Dec 21 13:00:15 epidose2 dhcpcd[1198]: wlan0: ARP probing 169.254.238.231 (3 of 3), next in 2.0 seconds
Dec 21 13:00:16 epidose2 dhcpcd[1198]: wlan0: sending Router Solicitation
Dec 21 13:00:17 epidose2 dhcpcd[1198]: wlan0: using IPv4LL address 169.254.238.231
Dec 21 13:00:17 epidose2 dhcpcd[1198]: wlan0: adding IP address 169.254.238.231/16 broadcast 169.254.255.255
Dec 21 13:00:17 epidose2 dhcpcd[1198]: wlan0: adding route to 169.254.0.0/16
Dec 21 13:00:17 epidose2 dhcpcd[1198]: wlan0: adding default route
Dec 21 13:00:17 epidose2 dhcpcd[1198]: wlan0: ARP announcing 169.254.238.231 (1 of 2), next in 2.0 seconds
Dec 21 13:00:17 epidose2 dhcpcd[1198]: wlan0: executing `/lib/dhcpcd/dhcpcd-run-hooks' IPV4LL
Dec 21 13:00:18 epidose2 dhcpcd[1198]: wlan0: sending DISCOVER (xid 0x82efc26b), next in 16.9 seconds
Dec 21 13:00:19 epidose2 dhcpcd[1198]: wlan0: ARP announcing 169.254.238.231 (2 of 2)
Dec 21 13:00:20 epidose2 dhcpcd[1198]: wlan0: sending Router Solicitation
Dec 21 13:00:20 epidose2 dhcpcd[1198]: wlan0: no IPv6 Routers available
Dec 21 13:00:35 epidose2 dhcpcd[1198]: wlan0: sending DISCOVER (xid 0x82efc26b), next in 32.7 seconds
Dec 21 13:01:08 epidose2 dhcpcd[1198]: wlan0: sending DISCOVER (xid 0x82efc26b), next in 64.0 seconds
Dec 21 13:02:12 epidose2 dhcpcd[1198]: wlan0: sending DISCOVER (xid 0x82efc26b), next in 64.5 seconds
stefanos1316 commented 3 years ago

From some online examples (1, 2, 3, 4), I have seen that it is set as "anonymous@universityname". For our example, it should be "anonymous@aueb.gr", no?

dspinellis commented 3 years ago

I went to AUEB and tested it. anonymous seems to work for associating, so let's keep it like that. I think that DHCP is a different issue, no?

stefanos1316 commented 3 years ago

I guess so. Have you test it using the wlan0 argument, i.e., dhclient wlan0?

stefanos1316 commented 3 years ago

Maybe our DHCP broadcast messages do not reach the DHCP server due to Firefall protection? In this forum, someone had a similar issue and solved it by adding the following lines in the /etc/dhcp/dhclinet.conf:

interface "wlan0" { supersede interface-mtu 0; }

I haven't tried this yet because, due to Covid-19 restrictions, only UCY students are allowed to enter the library. So I will try to ask some acquaintance if they can help me to enter a research lab to make more tests.

dspinellis commented 3 years ago

I have indeed tried running dhclient wlan0, but it didn't help.