Re: A couple of minor issues with NM

On Sat, 23 Dec 2006, Timothy Murphy wrote:

On Saturday 23 December 2006 02:00, Darren Albers wrote:

This is off topic for this list but I still have no idea what this:
"with files all over the place" means.... On my system they are in the
location I expect them to be.

In the classic - non NM - setup
there are files called ifcfg-eth0 in /etc/sysconfig/network-scripts/,
in /etc/sysconfig/networking/devices/
and /etc/sysconfig/networking/profiles/

I think it works like this:

The devices directory contains ifcfg-* files for each device you define in system-config-networking. You can have different profiles with different devices active. The appropriate device files are hardlinked from the profiles/* directories. The active profile is constructed by hardlinking the files in the appropriate profile directory from the network-scripts directory.

On some of my machines these are hard-linked files
(surely no-one uses hard links nowadays?)

Apparently, they do...

while on others they appear to be independent,
and in fact differ from one another.

I think it's just a question of which are links and which are not and what profile is active, but things may have evolved over the last couple of versions. Profiles didn't used to work all that reliably before about FC5.

You mention files in ~/.gconf/

Those have only to do with NetworkManager. The above have only to do with non-NM configuration (although IIRC, NM respects those files for static IPs.

and I have found other relevant files in /var/run/ and other places.

/var/run contains information about the running system. These files are created and destroyed by system services as they come and go. Most of them contain the process id of the service as it runs.

Has anyone else had problems getting NM to accept a WEP key?

No, but is it a hex or ascii key?   I just tried it on my system and I
was able to enter the passphrase and connect right away.

What passphrase?
I don't have any such phrase - just a network key (hex)
which seems to work perfectly well in Windows.
Actually, it works perfectly well in the usual WiFi setup in Linux,
when entered as key=... in /etc/sysconfig/network-scripts/ifcfg-eth0 .

Actually, these days, the key is in /etc/sysconfig/network-scripts/keys-eth*, which is readable only by root. The other way probably still works, but this is more secure for systems managed by a sysadmin.

Are you adding the 0x in front of the key?   I have also heard of some
people having problems when their AP is set to shared instead of open.

I didn't prefix the number with 0x,
but I'm pretty sure it doesn't require that,
as it checks that one has given 10 characters,

Ten characters (or 10 hex digits?)? Is that 40-bit WEP or 128-bit WEP? A 128-bit WEP should take 13 characters or 26 hex digits for a key. A 40-bit key takes five characters (10 hex digits).

In NM, you don't enter the 0x, but you need to select that it is a hex key and you may need to select the length. The default is to expect a passphrase that is converted to the key.

In s-c-network, you do need the 0x.

ISTR reading someplace that NM is not very happy using 40-bit keys (but I don't remember for sure). In any case, 40-bit keys are almost a waste of time from a security standpoint.

before allowing one to try to connect.
Also I said I was giving a hex key.

What exactly is the different between "shared" and "open"?
I just have a key set on my access point,
and I give that key on each machine accessing the AP.
Is that shared or open?

Actually, I tried replying both "shared" and "open",
but I didn't see any difference in the response.

Does your access point have a setting for shared vs. open? That determines what the clients are supposed to do.

In open access there is no authentication:

  1. The station sends an authentication request to the access point.
  2. The access point authenticates the station.
  3. The station associates with the access point and joins the network.

In shared-key access there is a key exchange for authentication:

   1. The station sends an authentication request to the access point.
   2. The access point sends challenge text to the station.
3. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and it sends the encrypted text to the access point. 4. The access point decrypts the encrypted text using its configured WEP key that corresponds to the station's default key. The access point compares the decrypted text with the original challenge text. If the decrypted text matches the original challenge text, then the access point and the station share the same WEP key, and the access point authenticates the station.
   5. The station connects to the network.


Note that authentication is distinct from whether transmissions are encrypted, although the sme key may be used for both authentication and encryption.

		Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]