Using WPA on OpenBSD (2008)

The missing WPA support was something many users where missing on OpenBSD. I now tell some practical steps on how to connect to a WPA encrypted wireless network with OpenBSD. Again – and as often OpenBSD makes it simpler than other OSes. Firstly – during install OpenBSD gives the opportunity to configure networks. I had my Thinkpad R52 not connected to any network while installing. As the internal Intel chip did never work with WPA on my Ubuntu I had a Ralink card inserted. OpenBSD also had some problems, claiming it can not find the firmware. I have not even looked what this means – because I first wanted internet and the Ralink looked much more promising. So Ralink … this is the ral driver. The manual can be found on OpenBSD with ‘man ral’ – on the web: RAL(4). The essential example is here:

Configure ral0 to join network “my_net” using WPA-PSK with passphrase
“my_passphrase”:
# ifconfig ral0 nwid my_net wpa wpapsk \
$(wpa-psk my_net my_passphrase)

Anyway. I am not here to copy the manual. What they write there is not wrong – but does not give you any network on a new boot. So the first ral card is called “ral0″. The setup did create a file: “/etc.hostname.ral0″. Here is how its contents looked: “dhcp NONE NONE NONE” – Where do you find more? In hostname.if(5). There you will get the information that you can add “options” behind the dhcp. Those options are the same as the command ifconfig gives.

Back to the example above, what does this do? “$(wpa-psk my_net my_passphrase)” executes the command “wpa-psk” – with the options: 1. SSID and 2. the passphrase. It is able to generate a wpa pre-shared key. You can generate one and COPY that. You can then paste that into the ral0 config file. So a like could look like this:

dhcp nwid <your-network> wpa wpapsk <your-key>

Thats about all you need. And now how you connect to your Router? Nothing simpler. Read about netstart(8). This is actually a non-executable script. You can start your ral0 with “sh /etc/netstart ral0″. And this should be sufficient to get it on every time you boot. A successful connected wpa wireless then will look like this:

$ ifconfig ral0

ral0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:80:5a:39:f5:e1
groups: wlan egress
media: IEEE802.11 autoselect (OFDM54 mode 11g)
status: active
ieee80211: nwid <your network> chan 9 bssid 00:1c:10:c1:ab:40 120dB wpapsk <not displayed> wpaprotos wpa1,wpa2 wpaakms psk,802.1x wpaciphers tkip,ccmp wpagroupcipher tkip 100dBm
inet6 fe80::280:5aff:fe39:f5e1%ral0 prefixlen 64 scopeid 0x5
inet 192.168.200.102 netmask 0xffffff00 broadcast 192.168.200.255

Was that complicated? I would say no. The only think I have not tried is how to best set up multiple networks. Something that works more or less on Linux with the NetworkManager. But it does not work good on my Ubuntu box. I really think that OpenBSD has shown how elegant one can do things. This is now without multiple commands – essentially it is just ifconfig. And why shouldn’t ifconfig be able to do more. Why should we need to have iwconfig, iwpriv,… ?

Linux has tried hard to make some things usable – but on the way to accomplish that Linux developers often throw away old tools and constantly reinvent the wheel. Still maybe it is simple to quickly install an Ubuntu box – but for those who know about Unix and can handle the tools you need to remember less and can do some things MUCH easier. OpenBSD has taken its time to get WPA support – much later than Linux. But now its working. Hope this posting helps some posters to get it done.

As this is an important task I state explicitly that the whole text that I wrote is public domain, so you can reuse it wherever you like.

About these ads

4 Comments

Filed under Browser, Free Software, OpenBSD, Technology

4 responses to “Using WPA on OpenBSD (2008)

  1. bsdlvr

    Looked everywhere for this info, thank you very much!

  2. Thank you so much this was extremely helpful !!!
    Studying the man pages helped also but this was
    the icing on the cake.
    Thanks again.

  3. apueb

    What if the ral0 interface is not recognized?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s