WPA_SUPPLICANT - better way to deal with it

tomeshnet / prototype-cjdns-pi

Prototype system for mesh networks on single board computers

https://chat.tomesh.net/#/room/#software:tomesh.net

GNU General Public License v3.0

218 stars 42 forks source link

WPA_SUPPLICANT - better way to deal with it #403

Open darkdrgn2k opened 5 years ago

darkdrgn2k commented 5 years ago

Work around made for this issue on #399 There is a similar one in ADHOC. Perhaps it be nice to have a better solution to isolate single interfaces

--- issue ----

Mesh point interfaces sometimes do not enter "RUNNING" mode. This prevents some services like Yggdrasil to peer.

wlan1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500

Seems that wpa_supplicant is interfering with this working on some os/wifi device combinations.

Patch will kill wpa_supplicant if running and not access point defined, but better solution required.

Does not to be a good one at the moment - Refrence https://serverfault.com/questions/869857/systemd-how-to-selectively-disable-wpa-supplicant-for-a-specific-wlan-interface/880575

darkdrgn2k commented 5 years ago

workaround:

disable encryption

Disable wpa_supplicant sudo /sbin/wpa_supplicant /sbin/wpa_supplicant.bak

Change /etc/hostapd/hostapd.conf by removing the following lines

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
rsn_pairwise=CCMP

auth_algs=1
wpa=3
wpa_key_mgmt=WPA-EAP
ieee8021x=1

eap_server=1
eap_user_file=/etc/hostapd/hostapd.eap_user

ca_cert=/etc/hostapd/ca.pem
server_cert=/etc/hostapd/server.pem
private_key=/etc/hostapd/server.pem
private_key_passwd=whatever

wpa_pairwise=CCMP
rsn_pairwise=CCMP

reboot

darkdrgn2k commented 5 years ago

New patch i created SHOULD create an opt-in list for WPA enabled interfaces

Testing Required

darkdrgn2k commented 4 years ago

https://github.com/dweb-camp-2019/meshnet/blob/master/testnet/install#L9-L16