使用命令行连接到Debian上的WPA/WPA2安全无线网络
时间:2020-03-21 11:43:08 来源:igfitidea点击:
该条款适用于WPA-PSK/WPA2-PSK安全的无线网络。
请注意,不建议使用WPA,请尽可能使用WPA2.
安装
Yoy将需要对WPA和WPA2(IEEE 802.11i)的客户端支持,以及用于操作Linux无线扩展的无线工具包:
# which iwlist iwconfig | xargs dpkg -S wireless-tools: /sbin/iwlist wireless-tools: /sbin/iwconfig
安装软件包:
# apt-get update && apt-get install wireless-tools wpasupplicant
配置
首先要做的是确保检测到无线网卡:
# lspci | egrep -i 'wireless|network' 04:02.0 Network controller: Ralink corp. RT2500 Wireless 802.11bg (rev 01)
激活wlan0接口:
# ifconfig wlan0 up
假设我们知道我们的SSID:
# iwlist wlan0 scan | grep -i random ESSID:"RandomName"
我们可以根据ASCII密码为SSID RandomName生成WPA PSK:
# wpa_passphrase RandomName passphrase
network={
ssid="RandomName"
#psk="passphrase"
psk=9c695492ff1876aeb1455f1bb3b71681bd1fb2e3b5c9334c5cac0a3b4fde5a18
}
如果偏执,请创建一个名为例如的文件。
带有密码短语的“ temp.txt”,然后通过从标准输入中读取密码短语来生成WPA PSK:
# wpa_passphrase RandomName < temp.txt
# reading passphrase from stdin
network={
ssid="RandomName"
#psk="passphrase"
psk=9c695492ff1876aeb1455f1bb3b71681bd1fb2e3b5c9334c5cac0a3b4fde5a18
}
将以下行添加到“/etc/network/interfaces”文件中:
iface wlan0 inet dhcp wpa-ssid RandomName #list of accepted authenticated key management protocols wpa-key-mgmt WPA-PSK #list of accepted group ciphers for WPA wpa-group CCMP TKIP #list of accepted pairwise ciphers for WPA wpa-pairwise CCMP TKIP #hexadecimal psk is encoded from a plaintext passphrase wpa-psk 9c695492ff1876aeb1455f1bb3b71681bd1fb2e3b5c9334c5cac0a3b4fde5a18
请注意,“ wpa-psk”值仅在以下情况下有效:
- 它是长度在8到63个字符之间的纯文本(ASCII)字符串,或者
- 它是64个字符的十六进制字符串
限制'/etc/network/interfaces'的权限,以防止预共享密钥(PSK)泄露:
# chmod 0600 /etc/network/interfaces
启用wlan0网络接口:
# ifup wlan0
它应该通过DHCP获得设置。
显示无线连接详细信息:
# iwconfig wlan0 wlan0 IEEE 802.11bg ESSID:"RandomName" Mode:Managed Frequency:2.422 GHz Access Point: 00s:11:22:33:44:55 Bit Rate=54 Mb/s Tx-Power=20 dBm Retry long limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:on Link Quality=70/70 Signal level=-40 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:83 Invalid misc:358 Missed beacon:0
Ping默认网关(路由器)以验证网络连接性:
$ping -c3 `netstat -r | grep def | awk '{print }'`
