I'd like to set up WPA at home for increased security. My AP has WPA, I just need to figure out how to set it up under Guyhelm ROM.

Using the link from this thread: (http://www.oesf.org/forums/index.php?showtopic=13402&pid=85759&st=0&#entry85759)
I was able to download an archive called wpa_stuff.tar.gz which had wpa_supplicant, wpa_cli, and wpa_passphrase, as well as a couple config files.

Trying to run wpa_supplicant manually presents me with this error:

I've only been using the Guyhelm ROM a few days; I'm not sure what libraries from other feeds may or may not be compatible. Help on this matter would be appreciated.

Also, if someone who knows how to configure a WRT54G with Satori firmware with WPA using wpa_supplicant, I'd be grateful for some pointers on setting up the wpa_supplicant.conf file in a secure manner.

Thanks!

am new to 6000, so please bear with me.

**edit**

make sure your AP runs in 11b/11g mode, this will probably slow it down for g users, but otherwise you'll not get a connection

sadly, there's no linux drivers for any 802.11g cf cards yet

I recently got WPA working on my 860 using the latest cacko, so I will try the same techniques on the 6000 with G-rom rc4.

stay tuned.

gosh, a long time to wait, sorry.

After copying over various libs from my 860 (libpcap, libcrypto, libssl, libdnet), wpa_supplicant and wpa_supplicant.conf, I have gotten wpa_supplicant to start up.

When I go to work tomorrow I shall be able to try it out.

Paul

I tried it out, but unfortunately the wpa_supplicant reported that
ioctl[SIOCSIWMODE]: Function not implemented
Could not configure driver to use managed mode
...
ioctl[SIOCSIWAUTH]: Function not implemented
Failed to enable WPA in the driver

So, no joy there then

I presume that I will need to change the driver mode for the built-in wlan card, to make it use hostap or something.

Paul

Hello

You may need newer linux-wlan drivers. I'll try to compile them (you can too !). I'd then be interested in adding wpa support by default - it hasn't been done since there's no way I can experiment with it :-(

Guylhem

Do you have a suggestion for how to do this? Would you basically start with the guylhem kernel sources, and then replace the wlan drivers from a later version of 2.4.X? I don't have much practice with kernel hacking, but I might it try it soon and see how far I get.

hello

it's a separate download from Jean Tourrilhes website IIRC - you only need the crosscompilers

I know from the ralink driver forums that some drivers, whilst they compile, have endian problems, so I'll give it a go but I don't know whether the drivers will work fully if at all.

This will be my first foray into cross-compiling kernels, so will be a voyage of discovery; want to do this anyway for bluetooth modules... and anyway, I am looking for a new job, hopefully in embedded linux, so this is all valuable experience!

http://www.hpl.hp.com/personal/Jean_Tourri...11b.html#Prism2

I've sent the device driver maintainers a question as to whether usb prism driver can be made to run in hostap or do anything to help achieve WPA.

nothing heard back yet :-(

I discovered a new document about prism usb on the zaurus 6000L, and it seems that the 6000's wifi is a prism3 usb device.

dmesg tells me the version of the hardware and firmware, and it would seem that it should be possible to support hostap.

so, I download the latest wlan-ng stuff from ftp://ftp.linux-wlan.org/pub/linux-wlan-ng/
and tried building against the sources I have for the 6000's kernel.. there are many compile-time warnings, but it finally bombs out thus:

/home/zaurus/build/linux-2.4.18-rmk7-pxa3-20051020/include/asm/pgalloc.h:91: warning: passing arg 1 of `cpu_pid_va_to_mva' makes integer from pointer without a cast
In file included from prism2_usb.c:2:
hfa384x_usb.c: In function `hfa384x_drvr_readpda':
hfa384x_usb.c:3134: warning: unknown conversion type character `z' in format
hfa384x_usb.c:3134: warning: too many arguments for format
prism2_usb.c: In function `prism2sta_disconnect_usb':
prism2_usb.c:282: warning: implicit declaration of function `msleep'
make[5]: *** [prism2_usb.o] Error 1
make[5]: Leaving directory `/home/zaurus/build/linux-wlan-ng-0.2.3/src/prism2/driver'
make[4]: *** [_mod_/home/zaurus/build/linux-wlan-ng-0.2.3/src/prism2/driver] Error 2
make[4]: Leaving directory `/home/zaurus/build/linux-2.4.18-rmk7-pxa3-20051020'
make[3]: *** [default] Error 2
make[3]: Leaving directory `/home/zaurus/build/linux-wlan-ng-0.2.3/src/prism2/driver'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/home/zaurus/build/linux-wlan-ng-0.2.3/src/prism2'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/home/zaurus/build/linux-wlan-ng-0.2.3/src'
make: *** [all] Error 2

To get hostap, you need to go here: http://hostap.epitest.fi/

The wlan-ng drivers simply don't support WPA, it's a dead end.

BTW, the pdaXrom rc12 kernel already has hostap compiled. I'm going to see if I can make it work in the next few days.

(why does each ROM have its own kernel anyway??)

There's one other chance, although I've tried and failed with this one:
http://www.oesf.org/forums/index.php?showtopic=15137

hostap won't work either.

http://hostap.epitest.fi/cgi-bin/viewcvs.c...type=text/plain



I think we're basically screwed, unless we can either convince the wlan-ng guys to support WPA or the hostap guys to support USB.
Or unless you want an ugly CF card sticking out like those clamshell guys.

I think I'm going to setup a seperate unencrypted AP for the Zaurus. It will have restricted access only to my firewall box. Then, I can use openvpn over that.

Dynamic WEP keying would be another option. Dynamic WEP is much more secure than static WEP, because the key changes so often that the attacker can't collect enough statistical data to mount the standard WEP attack.

In fact, if the Zaurus is the only device connecting to the AP, this could be easily done with a home-brew solution. The Zaurus itself can take charge of rekeying. You would just need a cron script that runs every 15 minutes, generates a random WEP key, connects to the HTTP port on the AP and updates the key.