NetworkManager versus chaves compartilhadas

Para quem nem sabe o que é NetworkManager:
  1. Site oficial: http://www.gnome.org/projects/NetworkManager/
  2. Screenshot do Applet no Gnome:
nm-applet.jpg

Eu estava aqui precisando configurar mais uma vez uma rede wireless com WEP, só que o nm-applet não procedia à correta associação ao ponto de acesso. No caso, era uma conexão onde havia compartilhamento de chave (modo restricted da opção de encriptação na placa de rede, ou chave compartilhada na interface do nm-applet). Minha versão do NetworkManager é 0.6.5-3.

Então tive de fazer na mão...

  1. Definindo o modo de chave compartilhada:
    # iwconfig eth2 enc restricted
  2. Criei um arquivo de configuração chamado test.conf para o wpa_supplicant contendo:
    ctrl_interface=/var/run/wpa_supplicant
    network={
    	ssid="MINHA REDE"
    	key_mgmt=NONE
    	wep_key0="MINHA SENHA"
    	wep_tx_keyidx=0
    }
  3. Tentei me associar ao ponto de acesso desta rede usando autenticação WEP usando:
    # wpa_supplicant -ieth2 -c/home/amadeu/test.conf
  4. Caso mostre a mensagem semelhante a esta abaixo significa que a autenticação funcionou:
    Associated with 00:11:95:be:ce:d4
    CTRL-EVENT-CONNECTED - Connection to 00:11:95:be:ce:d4 completed (auth) [id=0 id_str=]
  5. Então basta tenta pegar um IP (caso tenha DHCP na rede):
    # dhclient eth2

Ufaa... agora que peguei net procurei sobre o assunto mas...

  1. Em http://mail.gnome.org/archives/networkmanager-list/2005-December/msg00157.html alguém reporta o mesmo problema que eu mas ninguém respondeu.
  2. Aqui http://www.redhat.com/archives/rhl-beta-list/2004-November/thread.html#00166 tem uma discussão mais antiga ainda.
  3. Já em http://mail.gnome.org/archives/networkmanager-list/2005-August/msg00140.html há resposta indicando que pode ser um mal funcionamento do ponto de acesso.
  4. Olhando o /var/log/syslog tem alguma pista:
    Jan 14 10:09:47 sarang NetworkManager: <info>  Activation (eth2) Stage 1 of 5 (Device Prepare) complete. 
    Jan 14 10:09:47 sarang NetworkManager: <info>  Activation (eth2) Stage 2 of 5 (Device Configure) starting... 
    Jan 14 10:09:47 sarang NetworkManager: <info>  Activation (eth2/wireless): access point 'impa-wl' is encrypted, and a key exists.  No new key needed. 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'INTERFACE_ADD eth2^I^Iwext^I/var/run/wpa_supplicant^I' 
    Jan 14 10:09:48 sarang kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0
    Jan 14 10:09:48 sarang last message repeated 3 times
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'AP_SCAN 1' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'ADD_NETWORK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was '0' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 ssid 696d70612d776c' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 key_mgmt NONE' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 auth_alg SHARED' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 wep_key0 <key>' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 wep_tx_keyidx 0' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: sending command 'ENABLE_NETWORK 0' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 10:09:48 sarang NetworkManager: <info>  Activation (eth2) Stage 2 of 5 (Device Configure) complete. 
     ...
    Jan 14 10:10:48 sarang NetworkManager: <info>  Activation (eth2/wireless): association took too long (>60s), failing activation. 
    Jan 14 10:10:48 sarang NetworkManager: <info>  Activation (eth2) failure scheduled... 
    Jan 14 10:10:48 sarang NetworkManager: <info>  Activation (eth2) failed for access point (impa-wl) 
    Jan 14 10:10:48 sarang NetworkManager: <info>  Activation (eth2) failed. 
    Jan 14 10:10:48 sarang NetworkManager: <info>  Deactivating device eth2.</pre>
       1 Quando não é assim, acontece da associação ser *efetivada* mas o DHCP não responde (provavelmente porque a associação teve algum erro não identificado pelo !NetworkManager:<pre>
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'ADD_NETWORK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was '0' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 ssid 696d70612d776c' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 key_mgmt NONE' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 auth_alg SHARED' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 wep_key0 <key>' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'SET_NETWORK 0 wep_tx_keyidx 0' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: sending command 'ENABLE_NETWORK 0' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  SUP: response was 'OK' 
    Jan 14 11:25:41 sarang NetworkManager: <info>  Activation (eth2) Stage 2 of 5 (Device Configure) complete. 
    Jan 14 11:25:41 sarang kernel: bcm43xx: set security called, .active_key = 0, .enabled = 1, .encrypt = 1
    Jan 14 11:25:41 sarang kernel: SoftMAC: Open Authentication completed with 00:11:95:be:ce:d4
    Jan 14 11:25:41 sarang kernel: ADDRCONF(NETDEV_CHANGE): eth2: link becomes ready
    Jan 14 11:25:41 sarang NetworkManager: <info>  Activation (eth2/wireless) Stage 2 of 5 (Device Configure) successful.  Connected to access point 'impa-wl'. 
    Jan 14 11:25:41 sarang NetworkManager: <info>  Activation (eth2) Stage 3 of 5 (IP Configure Start) scheduled. 
    Jan 14 11:25:41 sarang NetworkManager: <info>  Activation (eth2) Stage 3 of 5 (IP Configure Start) started... 
    Jan 14 11:25:42 sarang NetworkManager: <info>  Activation (eth2) Beginning DHCP transaction. 
    Jan 14 11:25:42 sarang NetworkManager: <info>  Activation (eth2) Stage 3 of 5 (IP Configure Start) complete. 
    Jan 14 11:25:42 sarang NetworkManager: <info>  DHCP daemon state is now 12 (successfully started) for interface eth2 
    Jan 14 11:25:43 sarang avahi-daemon[3911]: Registering new address record for fe80::21a:73ff:fe29:7c49 on eth2.*.
    Jan 14 11:25:43 sarang NetworkManager: <info>  DHCP daemon state is now 1 (starting) for interface eth2 
    Jan 14 11:25:46 sarang dhclient: DHCPDISCOVER on eth2 to 255.255.255.255 port 67 interval 5
    Jan 14 11:25:51 sarang dhclient: DHCPDISCOVER on eth2 to 255.255.255.255 port 67 interval 6
    Jan 14 11:25:52 sarang kernel: eth2: no IPv6 routers present
    Jan 14 11:25:57 sarang dhclient: DHCPDISCOVER on eth2 to 255.255.255.255 port 67 interval 14
    Jan 14 11:26:11 sarang dhclient: DHCPDISCOVER on eth2 to 255.255.255.255 port 67 interval 19
    Jan 14 11:26:27 sarang NetworkManager: <info>  Device 'eth2' DHCP transaction took too long (>45s), stopping it.
  5. Configurei o wpa_supplicant igual ao citado acima agora adicionando a linha auth_alg=SHARED, como o applet configura o NetworkManager e executei o wpa_supplicant:
    # wpa_supplicant -i eth2 -d -c test.conf
    Scan results: 3
    Selecting BSS from priority group 0
    Try to find WPA-enabled AP
    0: 00:11:95:be:ce:d4 ssid='impa-wl' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
       skip - no WPA/RSN IE
    1: 00:15:e9:f7:1e:4d ssid='cin-wl' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
       skip - no WPA/RSN IE
    2: 00:0f:3d:ae:cb:cd ssid='impa-wl' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
       skip - no WPA/RSN IE
    Try to find non-WPA AP
    0: 00:11:95:be:ce:d4 ssid='impa-wl' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
       selected non-WPA AP 00:11:95:be:ce:d4 ssid='impa-wl'
    Trying to associate with 00:11:95:be:ce:d4 (SSID='impa-wl' freq=2412 MHz)
    Cancelling scan request
    WPA: clearing own WPA/RSN IE
    Automatic auth_alg selection: 0x1
    Overriding auth_alg selection: 0x2
    WPA: clearing AP WPA IE
    WPA: clearing AP RSN IE
    WPA: clearing own WPA/RSN IE
    wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
    wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
    wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
    wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
    wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
    wpa_driver_wext_set_key: alg=1 key_idx=0 set_tx=1 seq_len=0 key_len=13
    wpa_driver_wext_set_drop_unencrypted
    State: SCANNING -> ASSOCIATING
    wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
    WEXT: Operstate: linkmode=-1, operstate=5
    wpa_driver_wext_associate
    Setting authentication timeout: 10 sec 0 usec
    EAPOL: External notification - portControl=ForceAuthorized
    RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
    Wireless event: cmd=0x8b06 len=12
    RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
    Wireless event: cmd=0x8b04 len=16
    RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
    Wireless event: cmd=0x8b1a len=23
    RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
    Wireless event: cmd=0x8b15 len=24
    Wireless event: new AP: 00:00:00:00:00:00
    BSSID 00:11:95:be:ce:d4 blacklist count incremented to 2
    CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
    State: ASSOCIATING -> DISCONNECTED
    wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
    WEXT: Operstate: linkmode=-1, operstate=5
    EAPOL: External notification - portEnabled=0
    EAPOL: External notification - portValid=0
    RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
    Wireless event: cmd=0x8b15 len=24
    Wireless event: new AP: 00:11:95:be:ce:d4
    State: DISCONNECTED -> ASSOCIATED
    wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
    WEXT: Operstate: linkmode=-1, operstate=5
    Associated to a new BSS: BSSID=00:11:95:be:ce:d4
    Associated with 00:11:95:be:ce:d4
    WPA: Association event - clear replay counter
    EAPOL: External notification - portEnabled=0
    EAPOL: External notification - portValid=0
    EAPOL: External notification - portEnabled=1
    EAPOL: SUPP_PAE entering state S_FORCE_AUTH
    EAPOL: SUPP_BE entering state IDLE
    Cancelling authentication timeout
    Removed BSSID 00:11:95:be:ce:d4 from blacklist
    State: ASSOCIATED -> COMPLETED
    CTRL-EVENT-CONNECTED - Connection to 00:11:95:be:ce:d4 completed (reauth) [id=0 id_str=]
    wpa_driver_wext_set_operstate: operstate 0->1 (UP)
    WEXT: Operstate: linkmode=-1, operstate=6
    Cancelling scan request
    RTM_NEWLINK: operstate=1 ifi_flags=0x11003 ([UP][LOWER_UP])
    WEXT: Operstate: linkmode=-1, operstate=6
    RTM_NEWLINK, IFLA_IFNAME: Interface 'eth2' added
    RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
    RTM_NEWLINK, IFLA_IFNAME: Interface 'eth2' added
  6. E como mostra acima depois de 40 segundos a associação esteve completa e pude executar o dhclient tranquilamente e voltar a editar este blog. smile
  7. Não sei bem como resolver a questão por completo nem onde está a origem do problema, talvez seja mesmo coisa do ponto de acesso mal configurado, mas o fato é que só funcionou com o wpa_supplicant manual.

Resumindo, caso vc tenha problemas com o NetworkManager para se conectar numa rede WEP com chaves compartilhadas, basta configurar seu wpa_supplicant para a configuração abaixo, rodar ele e esperar que a associação se complete:

ctrl_interface=/var/run/wpa_supplicant
network={
	ssid="MINHA REDE"
	key_mgmt=NONE
        auth_alg=SHARED
	wep_key0="MINHA SENHA"
	wep_tx_keyidx=0
}

UPDATED Solução em http://mail.gnome.org/archives/networkmanager-list/2008-January/msg00095.html. Na verdade, eu deveria ter usado a opção WEP de 64/128-bit ASCII no menu do nm-applet e marcar chaves compartilhadas. Engraçado que tenho o mesmo problema em outra rede (puc-rio) e deve ser isso. smile

Tags:
Dicas de Softwares1Add my vote for this tag create new tag


Creative Commons License Esta obra está licenciada sob uma Licença Creative Commons.