Securely connecting Linux servers to WiFi using the command line

Connecting a Linux server to WiFi requires the use of the command line. Learn the commands and procedures for wireless networking in your Linux data center.

Most Linux environments come with graphical tools that help you configuring wireless network connections. But if you want to connect a server to a wireless network, the graphical interface is not an option as on most servers (there isn’t one by default). In this tip you’ll learn how to use command line tools to connect a server to a wireless network.

In configuring a wireless interface, a few steps are involved. First, you need to check the current configuration. Assuming that your wireless interface is known to the network as wlan 0, the iwlist wlan0 scanning command is an excellent solution. This command may give you two different outputs. It will provide the configuration of your wireless network card or show a complete list of available networks. If you don't see the latter, you need to make sure the wlan0 interface is up by using ifconfig wlan0 up. At this point you should see a list of available networks.

iwlist wlan0 scanning gives a list of available network and their properties:

 root@texas:/etc/wpa_supplicant# iwlist wlan0 scanning
 wlan0     Scan completed :
           Cell 01 - Address: 00:1D:7E:0F:D3:38                     Channel:3                     Frequency:2.422 GHz (Channel 3)                     Quality=70/70  Signal level=-39 dBm                      Encryption key:on                     ESSID:"kippis"                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s                               9 Mb/s; 12 Mb/s; 18 Mb/s                     Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s                     Mode:Master                     Extra:tsf=00000895bfd8b177                     Extra: Last beacon: 170ms ago                     IE: Unknown: 00066B6970706973                     IE: Unknown: 010882848B960C121824                     IE: Unknown: 030103                     IE: IEEE 802.11i/WPA2 Version 1                         Group Cipher : TKIP                         Pairwise Ciphers (1) : CCMP                         Authentication Suites (1) : PSK                     IE: WPA Version 1                         Group Cipher : TKIP                         Pairwise Ciphers (1) : TKIP                         Authentication Suites (1) : PSK                     IE: Unknown: 0406000200000000                     IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00                     IE: Unknown: 2D1A6E1803FFFF000000000000000000000000000000000000000000                     IE: Unknown: 3D1603050000000000000000000000000000000000000000                     IE: Unknown: DD1E00904C336E1C03FFFF000000000000000000000000000000000000000000                     IE: Unknown: DD1A00904C3403050000000000000000000000000000000000000000                     IE: Unknown: 2A0103                     IE: Unknown: 32043048606C           Cell 02 - Address: 00:18:39:2C:5D:94                     Channel:11                     Frequency:2.462 GHz (Channel 11)                     Quality=25/70  Signal level=-85 dBm                      Encryption key:on                     ESSID:"ilestvivant"                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s                     Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s                               36 Mb/s; 48 Mb/s; 54 Mb/s                     Mode:Master                     Extra:tsf=000001981a060177                     Extra: Last beacon: 5150ms ago                     IE: Unknown: 000B696C657374766976616E74                     IE: Unknown: 010482848B96                     IE: Unknown: 03010B                     IE: WPA Version 1                         Group Cipher : TKIP                         Pairwise Ciphers (1) : TKIP                         Authentication Suites (1) : PSK                     IE: Unknown: 0406010200000000                     IE: Unknown: 050400010000                     IE: Unknown: 2A0100                     IE: Unknown: 32080C1218243048606C           Cell 03 - Address: 00:26:F2:5F:6A:36                     Channel:6                     Frequency:2.437 GHz (Channel 6)                     Quality=20/70  Signal level=-90 dBm                      Encryption key:on                     ESSID:"valkrustlaan9"                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s                               24 Mb/s; 36 Mb/s; 54 Mb/s                     Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s                     Mode:Master                     Extra:tsf=000007b3896f1192                     Extra: Last beacon: 5740ms ago                     IE: Unknown: 000D76616C6B727573746C61616E39                     IE: Unknown: 010882840B162430486C                     IE: Unknown: 030106                     IE: Unknown: 050400030000                     IE: Unknown: 2A0100                     IE: Unknown: 2F0100                     IE: IEEE 802.11i/WPA2 Version 1                         Group Cipher : TKIP                         Pairwise Ciphers (2) : CCMP TKIP                         Authentication Suites (1) : PSK                     IE: Unknown: 32040C121860                     IE: Unknown: 2D1A7C181BFFFF000000000000000000000000000000000000000000                     IE: Unknown: 3D1606080000000000000000000000000000000000000000                     IE: Unknown: DD0E0050F204104A0001101044000102                     IE: Unknown: DD090010180200F0050000                     IE: WPA Version 1                         Group Cipher : TKIP                         Pairwise Ciphers (2) : CCMP TKIP                         Authentication Suites (1) : PSK                     IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00                     IE: Unknown: DD1E00904C337C181BFFFF000000000000000000000000000000000000000000                     IE: Unknown: DD1A00904C3406080000000000000000000000000000000000000000           Cell 04 - Address: 00:0C:F6:3B:83:C0                     Channel:11                     Frequency:2.462 GHz (Channel 11)                     Quality=18/70  Signal level=-92 dBm                      Encryption key:on                     ESSID:"Sitecom"                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s                               9 Mb/s; 12 Mb/s; 18 Mb/s                     Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s                     Mode:Master                     Extra:tsf=0000003836a9619b                     Extra: Last beacon: 5130ms ago                     IE: Unknown: 000753697465636F6D                     IE: Unknown: 010882840B160C121824                     IE: Unknown: 03010B                     IE: Unknown: 050402030000                     IE: Unknown: 2A0104                     IE: Unknown: 32043048606C                     IE: WPA Version 1                         Group Cipher : TKIP                         Pairwise Ciphers (1) : TKIP                         Authentication Suites (1) : PSK                     IE: Unknown: DD0700E04C01020300

In the sometimes rather long output of the iwlist wlan0 scanning command, you need to look for the ESSID's of available networks. Somewhere in the list you should see the network that you want to connect to, including the kind of encryption that is used on this network. In most cases this will be WPA encryption, so you now need to make clear which passphrase you need to connect. To do this, you have to create a file wpa_supplicant.conf. Typically, you'll find this in the directory /etc/wpa_supplicant. Here, you need to specify the name of the authentication mechanism you want to use (this will be PSK in most cases), the SSID of the network, and the WPA key you need to connect to the network.

Specifying wpa parameters in wpa_supplicant.conf

 root@texas:/etc/wpa_supplicant# cat wpa_supplicant.conf network={             ssid="mynetwork"             key_mgmt=WPA-PSK             psk="69ABC9DF20" }

After creating this file, you can run a first test to see if you can connect to the network that is specified using the wpa_supplicant command. To do this, use the following command:

 wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf

You should now see your server negotiating with the wireless network and at the end, successfully making a connection as well. If that has worked indeed, you can use the wpa_supplicant command another time, using the -B option which will start it as a daemon in the background. After doing that, you just need to set the IP configuration for the interface. If a DHCP-server is available, you can use the dhclient wlan0 command to do that. This will request an IP address from the DHCP server and after getting this address, you'll be connected.

In some cases it is useful to know how to connect to a wireless network from the command line. To do this, wpa_supplicant is the key command. After making sure that the wireless network card is up, run this command with a configuration file that contains all required wireless parameters and you'll be connected.

ABOUT THE AUTHOR: Sander van Vugt is an author and independent technical trainer, specializing in Linux since 1994. Vugt is also a technical consultant for high-availability (HA) clustering and performance optimization, as well as an expert on SLED 10 administration.

 

This was first published in June 2010

Dig deeper on Linux network administration

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchDataCenter

SearchServerVirtualization

SearchCloudComputing

SearchEnterpriseDesktop

Close