GNOME.org
 

Re: Resetting PSK for WPA

On 09/27/2007 10:25 PM, Robert Smits wrote:

On Thursday 27 September 2007 17:25, Patton Echols wrote:

There's a question here, but let me tell why first . . .

After hearing the vulnerability of WPA to attacks on short pre-shared
keys, I decided to reset my wireless routers to more robust keys.

Resetting Network Manager to use a different key was more of a
challenge. (I had thought that, upon finding that it's psk was wrong, it
would ask for a new one)  But it didn't.  NM just kept trying to connect.

After some judicious googling, I found two instructions:

The first (I think on Darren  Alber's faq?  but now I can't find the
page)  was to reset the SSID with the following command:

gconftool-2 --recursive-unset
/system/networking/wireless/networks/<ssid> with <ssid> replaced with
the correct one. (for what it's worth the correct directory on my ubuntu
system is:
 ~/.gconf/system/networking/wireless/networks/<ssid> and gconftools does
not like the "." in the directory name)

At any rate, once getting to the correct place, gconftool-2 did not
return any output, and a search of the man page did not reveal an
obvious "verbose" switch.  But since there was no error, I restarted NM
using:
sudo /etc/init.d/dbus restart
No luck, NM continued trying to connect with the old key.

The second instruction was more of a brute force approach.  Go to
~/.gconf/system/networking/wireless/networks/ and removing the directory
named <ssid> Again replacing with the correct name.  Another dbus
restart, no change.


FInally, having searched for quite some time to see if the old psk was
stored elsewhere, I re-booted the system.  That finally worked -- and
now I'm finally getting to the question.

As a linux newbie, one of the things I like is the ability to tweak,
break, fix etc the system without having to reboot all the time.  I
assumed that I should be able to do so with NM and with other issues a
dbus restart is just what is needed.  Can't I do this without a reboot?
Another way of asking: Where was my old key stored and what should I
have restarted so that NM would be forced to ask me for the new one?
I think this depends very much on what distro you use, and I don't see where you've told us that. 

Right, sorry, Ubuntu Feisty
In opensuse this is literally a 30 second job. Just open Yast, go to network card, edit the configuration for the wireless card and cut and paste your wpa password. Click finish and you're done.
Interesting . . . my prior reading (and limited experience) had lead me to the conclusion that NM managed the keys. ("don't need the keys in wpa_Supplicant.conf, NM takes care of it" "Just open NM window it will ask you for the key" . . .) I even thought I had done a good Google search. But did not find the right answer including terms like "ubuntu" "NetworkManager" "reset" and "wpa-psk" to no avail.** But with your suggestion, I poked around and found the "Ubuntu" answer.
At least for Feisty: Click System | Administration | Keyring Manager. In the dialog, click "allow" for whatever, select your key and go from there. In looking at the result, these may be the kkeys that are generated from the passphrase. But I bet if I delete, I'll be where I want to be. 

Thanks for the suggestion.
** BTW, this is no knock on the NetworkManager maintainers. It is a great applet, works well and does what needed and, I am pleased to read is under active development and making even more progress. But this is an example of how the folks who really know how the system works (god bless 'em) have a tough time communicating with folks who don't. (This same phenomenon is what makes my head hurt when I try to read man pages ). I suppose that what every app really needs is folks to write the documentation who -- even if they are not competent to program -- can think and write like a "noob" even though they know how it works. (Hmmm, . . . Can't quit my day job, but am I obliged to try and post my findings beyond the list serve???)
Thanks for the help. For my learning curve, I'm still interested in why a reboot worked but a dbus restart didn't. 'cuz there was no keyring manager restart? 

Thanks,

Patton
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]