SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You can also use wicd from the extra/ directory (of the Slack installation CD, or find a copy in the mirrors). It's a GUI tool to setup you wireless connection.
./rc.inet1 eth1 information "Any ESSID"
Polling for DHCP server on interface eth1
No carrier detected on eth1. Reducing DHCP timeout to 10 seconds.
dhcpcd: MAC address = 00:12:f0:a7:05:68
It seems to me like there's a problem when wpa_supplicant tries to login on the network.
This setup requires that you provide a username and password before you get a encryption key (but you already knew that)
Something goes wrong when wpa_supplicant tries to do that.
After failing to get a wireless connection, the slackware scripts try to get an IP by running dhcpcd, just in case the carrier detection is wrong. Since there really isn't a link, you cannot get an IP.
--
The difficult part is that the encryption key for the network has to be obtained after a login. Most WPA encrypted networks work with a passphrase, and either you have configured the right passphrase, or not.
If you want to find out what goes wrong, take 2Gnu's suggestion. Kill the wpa_supplicant that is running after bootup, and execute the wpa_supplicant command that 2Gnu gave in his post above.
You should be able to kill wpa_supplicant with this command:
Code:
wpa_cli terminate
Also, make sure the interface is up before running the wpa_supplicant command yourself:
Code:
ifconfig eth1 up
good luck and please post back if and how you get it running
edit: if the wpa_supplicant command is successfull, go to another console and run the following command, after that you should be able to connect to the internet (at least until reboot):
Trying to associate with 00:07:85:b3:4f:63 (SSID='PAL2.0' freq=2462 MHz)
Associated with 00:07:85:b3:4f:63
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
TLS: Certificate verification failed, error 2 (unable to get issuer certificate) depth 1 for '/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server@thawte.com'
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
CTRL-EVENT-EAP-FAILURE EAP authentication failed
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
Trying to associate with 00:07:85:b3:4f:63 (SSID='PAL2.0' freq=2462 MHz)
Associated with 00:07:85:b3:4f:63
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
Does this mean I got the wrong certificate? (I copy and paste it as-is from the website I mentioned above.
Is there any "special" thing about those certificate, or is there any thing else I can do here?
For sure, this is a wrong command. The "-c" option for wpa_supplicant should point to a wpa_supplicant.conf, not to a SSL certificate file.
Quote:
Does this mean I got the wrong certificate? (I copy and paste it as-is from the website I mentioned above.
Is there any "special" thing about those certificate, or is there any thing else I can do here?
You should save the certificate from that site to a new file, any name will be fine (for instance, save it as ~/ThawteCA.pem). This should be it's content:
And now, I am running into another problem.
There are two networks available as I can see, one is "PAL2.0", the other is "erdos". And even though I want to connect to PAL2.0, whenever I run the command
Trying to associate with .... (SSID='erdos' freq=2347 MHz)
I fired up another one, use wpa_cli select_network to try to connect to the right one. But no luck. It kicked me out of the wpa_supplicant when I tried doing so.
(And before I ran the wpa_supplicant command, I did run
Quote:
iwconfig eth1 essid PAL2.0
)
What should I do?
PS: After a few more tries, it stopped kicking me out, but the problem remained the same.
By the suggestion of Alien_bob, I also tried "peaplable=1" and "peaplabel=0"
They both gave the same result.
I do suspect about the certificate, by reading through the instruction at purduelug.org, it seems to me that this is something I can acquire independently with the network administration. Do you know anywhere else where I can get it?
The first error that appears in the output from wpa_supplicant you posted is: (when you ran wpa_supplicant yourself on the command line, without the "-B" option)
Quote:
TLS: Certificate verification failed, error 2 (unable to get issuer certificate) depth 1 for '/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server
I've looked at the certificate that is mentioned on the website, and that Alien_Bob posted. It is expired since 2004.
I've found the instructions for setting up Windows XP, and it seems the needed certificate is a root certificate that is widely distributed.
I've found a certificate with the same name as the expired one (and the name mentioned in the XP howto) on my slackware 12.2 + KDE4 installation. It is located in the file /usr/share/apps/kssl/ca-bundle.crt The name is Thawte Premium Server CA.
If you have KDE installed, look if you have the certificate bundle. Try to list that as your "ca_cert=" entry in wpa_supplicant.conf
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.