# mini how-to on WPA-PSK on Centrino (ipw2100)

## risa2000

Motivation

Since I have installed gentoo I was looking for real support for my wireless Centrino card (in Thinkpad R40). I did not consider ndiswrapper as an alternative, and ipw2100 driver was lacking some vital features (like WPA support) so the hardware was unused until now.

Note: As mentioned in subject, this mini how-to deals only with WPA-PSK. The reason is simple - I have only WPA-PSK enabled environment (namely SMC2804WBR Barricade G router/AP). Also, the whole procedure was tested on one laptop Thinkpad R40 with Centrino mini-PCI WiFi card - known as "Calexico" or in linux as "ipw2100". So, if it does not work on Acer, ASUS or other Centrino featured notebook, do not shoot me  :Wink: .

Intel driver

Intel released a new driver ipw2100 (version 0.56 in the time of writing this) with (possibly) full support for WPA through wpa_supplicant. It seems that the main active developer of ipw2100 is Pedro Ramalhais who also posted script  to give some hints about installing ipw2100 & wpa_supplicant. I believe it could even work as "fire and forget", but since it is not tailored to gentoo tweaks I used a slightly different approach.

```
emerge ipw2100
```

Should give the latest and greatest driver. Next, you may also

```
emerge wpa-supplicant
```

Which is masked and also a bit dated. The version in portage in the time of writing is 0.24 which would not work, but I did it anyway to "keep reference" in my portage about this emerge. It might become handy in the future.

Note: You should not emerge wpa-supplicant if you are used to doing scripted emerge world, since you can re-emerge back the non-working version. But, if you are like me, who do emerge world carefully (but who might forget that wpa-supplicant was installed) emerging this (and rewriting) can remind you, when new version is available.

WPA support (aka wpa_supplicant)

Now is the time to build "good" wpa_supplicant, patched according to Pedro's script. Actually I used only the part of it named wpa_supp.sh:

```
#!/bin/bash

# These should be left untouched

IPW2100_VERSION=0.56

WPA_SUPP_VERSION=0.2.5

WPA_SUPP_CONF=wpa_supplicant-test.conf

#

# Build wpa_supplicant

#

rm -f wpa_supplicant-${WPA_SUPP_VERSION}.tar.gz

rm -f wpa_supplicant-${WPA_SUPP_VERSION}-ipw2100.patch

wget -c http://hostap.epitest.fi/releases/wpa_supplicant-${WPA_SUPP_VERSION}.tar.gz &&

wget -c http://www.uninova.pt/~pmr/files/WPA/wpa_supplicant-${WPA_SUPP_VERSION}-ipw2100.diff &&

tar zxvf wpa_supplicant-${WPA_SUPP_VERSION}.tar.gz &&

cd wpa_supplicant-${WPA_SUPP_VERSION} &&

patch -p1 < ../wpa_supplicant-${WPA_SUPP_VERSION}-ipw2100.diff &&

cat > .config << _EOF_

CONFIG_DRIVER_WEXT=y

CONFIG_DRIVER_IPW2100=y

CONFIG_WIRELESS_EXTENSION=y

CONFIG_IEEE8021X_EAPOL=y

CONFIG_EAP_MD5=y

CONFIG_MSCHAPV2=y

CONFIG_EAP_TLS=y

CONFIG_EAP_PEAP=y

CONFIG_EAP_TTLS=y

CONFIG_EAP_GTC=y

CONFIG_EAP_OTP=y

CONFIG_EAP_SIM=y

CONFIG_EAP_LEAP=y

_EOF_

make

```

```
mkdir wpa_supplicant

cd wpa_supplicant

~/wpa_supp.sh

```

This should build wpa_supplicant version 0.25 patched with the support for ipw2100. You can then copy built binaries wpa_cli, wpa_supplicant, and wpa_passphrase manually to /usr/sbin (where you overwrite the original binaries from emerge, if you did emerge).

Now the test config from Pedro's file should look like this (wpa_supplicant.conf):

```
ctrl_interface=/var/run/wpa_supplicant

ctrl_interface_group=0

network={

   ssid="<your ssid>"

   proto=WPA

   key_mgmt=WPA-PSK

   pairwise=CCMP TKIP

   group=CCMP TKIP WEP104 WEP40

   psk=<your pre-shared key>

}

```

Testing of the whole thing is simple:

```
modprobe ipw2100

INTERFACE=wlan0

WPA_SUPP_CONF=/etc/wpa_supplicant.conf

WPA_ESSID=<your essid>

ifconfig ${INTERFACE} up

iwconfig ${INTERFACE} essid ${WPA_ESSID}

wpa_supplicant -dddd -i${INTERFACE} -c${WPA_SUPP_CONF} -Dipw2100

```

I would like to point out that I am using wlan alias for ipw2100, so my wireless interface is not (by any chance) competing with wire NIC for indexes. If you use eth for wireless, use here proper ethX instead of wlan0.

The tricky part here is setting up essid on interface using iwconfig. I had to do it, otherwise the card would not associate with AP. I presume this is because I have AP set to not broadcast its ESSID, and in this situation the driver probably needs a clue to what it should stick. I assume if AP is broadcasting, this should not be necessary and the ap_scan=1 in wpa_supplicant.conf should suffice.

The last part is blending the new module into gentoo environment. There are some nice function preup, postup, predown, postdown called from /etc/init.d/net.eth0, which do what theirs names suggest. So I added some to my /etc/conf.d/net:

```
ifconfig_wlan0="dhcp"

iwconfig_wlan0="essid <your essid>"

dhcpcd_wlan0="-h `hostname`"

WPA_SUPP_DIR=/usr/sbin

WPA_SUPPLICANT=wpa_supplicant

WPA_SUPP_CONF=/etc/wpa_supplicant.conf

WPA_DRIVER=ipw2100

WPA_IFACE=wlan0

preup()

{

    local IFACE=${1}

    eval iwconfig_IFACE=( \"\$\{iwconfig_$IFACE\}\" )

    if [[ ${IFACE} == ${WPA_IFACE} ]]; then

        /sbin/lsmod | /bin/grep ${WPA_DRIVER}  > /dev/null;

        if [[ -n $? ]] ; then

            einfo "Setting up the driver ${WPA_DRIVER}"

            modprobe ${WPA_DRIVER}

        fi

        einfo "Setting iwconfig params for ${IFACE}"

        /usr/sbin/iwconfig ${IFACE} ${iwconfig_IFACE}

        einfo "Initializing WPA supplicant for ${IFACE}"

        ${WPA_SUPP_DIR}/${WPA_SUPPLICANT} -B -i${IFACE} -c${WPA_SUPP_CONF} -D${WPA_DRIVER}

    fi

    return 0;

}

postdown()

{

    local IFACE=${1}

    if [[ ${IFACE} == ${WPA_IFACE} ]]; then

        einfo "Killing WPA supplicant for ${IFACE}"

        killall ${WPA_SUPPLICANT}

        einfo "Removing driver ${WPA_DRIVER}"

        /sbin/modprobe -r ${WPA_DRIVER}

    fi

    return 0;

}

```

This script might be improved with some cool stuff like adding 'wpa_wlan0=yes' and then doing some cool checking on existence and value of this property, or not, but since this is noob mini how-to for noobs, it is dirty (and simple).

Since I am using hotplug with udev, but have my ipw2100 driver is blacklisted for hotplug (so it won't load at the startup automatically), I can activate WPA link using either:

```
modprobe ipw2100
```

or

```
/etc/init.d/net.wlan0 start
```

Both methods result in calling /etc/init.d/net.wlan0 script. Shutting down is easy as:

```
/etc/init.d/net.wlan0 stop
```

This will also remove the driver.

Note: Loading and removing the driver is there merely for aesthetical reason. When the driver is not present the wireless LED on my laptop is not lit (and vice versa). I do not know if simply removing the driver will power off the card, so those who hunt for every spare mW, should also take a look at some power-off solution (and add it to the shutdown sequence).

----------

## thepi

Nice Howto, risa. Although wpa_supplicant now officially supports the ipw2100 driver (using the ~x86 version from portage, wpa_supplicant-0.3.1). The configuration examples are still helpful. Thanks for that.

On a sidenote, how did you get your ipw2100 to be associated to an interface name different from eth1? I searched the forums already, but was unable to find a hint (adding an alias in /etc/modules.d/ipw2100 didn't help).

Regards,

 pi~

----------

## quat

nice how-to. time to move for WPA.

 *thepi wrote:*   

> On a sidenote, how did you get your ipw2100 to be associated to an interface name different from eth1? I searched the forums already, but was unable to find a hint (adding an alias in /etc/modules.d/ipw2100 didn't help).

 There is at least two ways. First one, if you use udev, write a simple rule and restart udevd or the second one, I'm using ipw2200 but I guess the parameter for the module is the name of the interface, isn't?

First one is to add to /etc/udev/10-local.rules (if do not exist create it)

```
KERNEL="eth*", SYSFS{address}="00:00:00:00:00:00", NAME="wlan"
```

and put your MAC, restart udev and should work. (udev ver > 0.46 AFAIK)

----------

## thepi

Just a quick note for those who still want to know exactly how to change the interface name:

```

# modprobe ipw2100 ifname=ath0

```

Regards,

 pi~

----------

## risa2000

Hello, I was off for a while  :Smile: , and meanwhile the how-to get quite outdated. In fact, there is no need to patch anything right now. Plain emerge does the job, what I suggest though is to use masked packages (ACCEPT_KEYWORDS="~x86") in both cases (for ipw2100 and wpa_supplicant).

```
ACCEPT_KEYWORDS="~x86" emerge ipw2100

ACCEPT_KEYWORDS="~x86" emerge wpa_supplicant
```

To ensure you get it also when doing 'emerge world' just add following lines into /etc/portage/package.keywords

```
net-wireless/wireless-tools ~x86

net-wireless/ipw2100 ~x86

net-wireless/ipw2100-firmware ~x86

net-wireless/wpa_supplicant ~x86
```

Having wireless-tools in there is not necessary, but I found it more convenient, since all these packages follow each other quite tightly.

This setup was tested with kernel 2.6.10 and ipw2100-1.0.2-r2 and ipw2100-firmware-1.3.

----------

## thepi

Hi folks,

just need to add to risa's post that you should do it the second way he suggested, by adding lines to /etc/portage/package.keywords. 

```
ACCEPT_KEYWORDS="~x86" emerge moo
```

 is really evil as it can (and will!) horribly break your system (emerge world will try to revert to stable, i.e. non-~x86 packages).

The only way ACCEPT_KEYWORDS="~x86" should be used nowadays is in /etc/make.conf, and only by people who really want to live near the edge (nutters like me  :Laughing: ). You want a stable system, use package.keywords. Also, read this!

Regards,

 pi~

----------

## mope

 *thepi wrote:*   

> Just a quick note for those who still want to know exactly how to change the interface name:
> 
> ```
> 
> # modprobe ipw2100 ifname=ath0
> ...

 

Is it possible to use this method everytime without manually modprobing the driver?

That is, can I pass that option through some file at boot or do I have to type it in by hand each time (or use the other method above)?

----------

## thepi

Well you could put that into /etc/modules.conf:

```

options ipw2100 ifname=ath0

```

However, you shouldn't update above 1.0.2 if you want to be able to use this functionality - after that, it's been taken out  :Confused: 

pi~

----------

