LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Can't connect to encrypted router (http://www.linuxquestions.org/questions/slackware-14/cant-connect-to-encrypted-router-4175477926/)

Woodsman 09-20-2013 06:30 PM

Can't connect to encrypted router
 
I'm trying to connect to a router using WPA encryption. I've tried the NetworkManager applets for KDE4, Trinity, and nm-applet. When I view /var/log/messages I can see attempts to connect but something always fails in the authentication effort.

I have the gnome-keyring, polkit, consolekit processes running. Not sure whether KDE4 or Trinity needs gnome-keyring or polkit. Regardless of whether I use KDE4, Trinity, or nm-applet to configure the router connection, I end up with the same NetworkManager system-connections configuration file. The configuration file does contain the psk PIN.

When we disable encryption at the router the laptop connects immediately using wireless.

No problems connecting with wired to the same router.

As I am a newbie with wireless, I suspect I don't have something configured correctly or am missing an autostarted process or service that inhibits the authentication of the router's psk PIN. Likely I have disabled something that authentication needs as until recently, for years I never needed or cared about wireless.

I'm using NetworkManager and that I where I want this thread to remain focused. :)

As always, thanks.

kikinovak 09-20-2013 07:16 PM

Could this be driver-related? What's your wireless card and what driver are you using?

mancha 09-20-2013 07:28 PM

You can increase the verbosity of Networkmanager with a small change to /etc/rc.d/rc.networkmanager changing the invocation line (circa line 36) to:
Code:

$NETWORKMANAGER_BIN --log-level=DEBUG
These logs will go to /var/log/syslog.

However, my suspicion is you'll get more clues from wpa_supplicant messages; Enable verbose logging with timestamping:

Code:

# dbus-send --system --print-reply --dest=fi.w1.wpa_supplicant1 /fi/w1/wpa_supplicant1 org.freedesktop.DBus.Properties.Set string:fi.w1.wpa_supplicant1 string:DebugLevel variant:string:"msgdump"

# dbus-send --system --print-reply --dest=fi.w1.wpa_supplicant1 /fi/w1/wpa_supplicant1 org.freedesktop.DBus.Properties.Set string:fi.w1.wpa_supplicant1 string:DebugTimestamp variant:boolean:true

Those messages should go to /var/log/wpa_supplicant.log.

--mancha

ReaperX7 09-20-2013 07:35 PM

Woodsman what exact Wireless Card do you have?

Woodsman 09-20-2013 11:56 PM

Oops, sorry folks. I had to head out the door and forgot to provide that info.

Slackware 14.0 32-bit. Thinkpad T400. According to lspci:

Network controller: Intel Corporation PRO/Wireless 5100 AGN

I have no problems connecting with wireless with no encryption. I've been running that way on my own home router since I adopted this laptop a couple of months ago. Now I'm at another person's house and we're trying to connect the laptop to his router that uses encryption. His Windows Vista laptop connects without issue.

Despite my newbie status with laptops and wireless, I doubt the problem is the driver. The logs imply an authentication problem --- kind of like NM is sending the PIN but in an incorrect manner.

With the logging adjustments, and using nm-applet, I see the following in syslog:

Code:

NetworkManager[24208]: <warn> Activation (wlan0/wireless): association took too long.
NetworkManager[24208]: <warn> Activation (wlan0/wireless): asking for new secrets
NetworkManager[24208]: <warn> Couldn't disconnect supplicant interface: This interface is not connected.
NetworkManager[24208]: <warn> No agents were available for this request.
NetworkManager[24208]: <warn> Activation (wlan0) failed for access point (w-pc)
NetworkManager[24208]: <warn> Activation (wlan0) failed.

And in wpa_supplicant.log, way, way too much information to post, but I see entries about "4WAY_HANDSHAKE -> DISCONNECTED" and "WPA: 4-Way Handshake failed - pre-shared key may be incorrect."

Edit: The router had WPS enabled, but we tested disabling that option with the same failed results.

mancha 09-21-2013 12:15 AM

I'm going to assume it's not an incorrect PSK or badly specified key management parameter since those are probably the first things you double or triple checked.

So, how about sharing what you have in /etc/NetworkManager/system-connections. Probably a file called Wi-Fi* unless you renamed it.

--mancha

zrdc28 09-21-2013 01:06 AM

When you click networkmanager icon in the taskbar does his network show up? if it does click it and it will ask for
authentication key does it accept it when you hit connect?

Woodsman 09-21-2013 01:14 AM

Solved

But my jaw hurts from pulling so many teeth. :)

Summary:

I got confused between WPA and WPS. The (Motorola) router's "Wireless Primary Network" configuration page has settings for both WPA and WPS. As a noob, I grabbed the WPS PIN because that is what succeeded for the Windows laptop.

My hunch was correct that there was an authentication problem. I was trying to send the WPS PIN in lieu of the WPA preshared key.

After we disabled WPS and the connection still failed --- because I was still using the WPS PIN --- basically we stared at the router configuration page for about four long minutes before the proverbial light bulb lit.

WPS. WPA. One letter. Same configuration page. PINs. Prehared keys. Easy for a wireless noob not to notice the difference.

Ultimate test of rebooting and connecting --- the laptop connected immediately. Tested with Trinity's TDENetworkManager and nm-applet.

I still don't understand the tip of the iceberg of wireless. I like learning but my jaw really hurts. :)

xj25vm 09-21-2013 05:11 PM

Glad it's working in the end - and thanks for sharing the solution. There have been less wifi related issues in the last few years - compared to earlier in the history of wifi - at least in my experience. However, as you've discovered - sometimes router configuration pages are not exactly straightforward to navigate and understand - and that doesn't help either.

mancha 09-22-2013 01:34 AM

It didn't register for me you had said PIN rather than PSK. By the way, your friend might want to disable WPS if possible on his AP (and others reading this thread).

A flaw in most WPS implementations effectively reduces the brute-force search space from 10,000,000 to 11,000 possibilities. Readily available tools can exploit this weakness to break into WPA/WPA2 networks in just a few hours.

Woodsman 09-22-2013 02:14 PM

Quote:

It didn't register for me you had said PIN rather than PSK.
And I didn't know better --- now I do. :)

Quote:

By the way, your friend might want to disable WPS if possible on his AP (and others reading this thread).
Yup, we already did that. :)


All times are GMT -5. The time now is 06:44 AM.