# WPA-PSK, wpa_supplicant, and hidden ssid's

## doubled157940

Just off the bat, anyone who thinks that hidden ssids are useless, leave it at the door please.

My problem is that I'm trying to get connected to a hidden Wireless Access Point. It has a WPA-PSK encryption turned on, but also I'm finding nothing on getting hidden ssids working on wpa_supplicant. I'm running ndiswrapper for my wireless card, and I've been able to connect to hidden ssids with WEP, and broadcasting ssids with WEP before.

What do I need to do to connect to my hidden wireless network?

----------

## mbrehon

Maybe this'll help, though I'm not using ndiswrapper.

Here's a relevant section of wpa_supplicant.conf for my hidden, yet defined ssid [names changed to protect the innocent]:

```
network={

    priority=10

    ssid="blah"

    scan_ssid=1

    mode=0

    proto=WPA

    key_mgmt=WPA-PSK

    pairwise=CCMP TKIP

    group=CCMP TKIP

    psk="earlofsandwich"

}
```

It seems like I needed to set some things in /etc/conf.d/net as well:

```
modules=( "wpa_supplicant" )

iwconfig_wlan0="mode managed"

wpa_supplicant_wlan0="-Dhostap" # For Prism2.5 based cards

wpa_timeout_wlan0=60

config_wlan0=( "dhcp" )

dhcpcd_wlan0="-t 15"

```

Caveat: I'm not saying these are the best settings, but they got me up and running.

hope this helps,

-Mark

----------

## doubled157940

Unfortunately, not quite there.

It doesn't connect to the wireless access point. It just turns on:

```

wlan0     Link encap:Ethernet  HWaddr 00:00:00:00:00:00

          inet6 addr: fe80::214:a4ff:fe35:12c6/64 Scope:Link

          UP BROADCAST NOTRAILERS MULTICAST  MTU:1500  Metric:1

          RX packets:84 errors:0 dropped:0 overruns:0 frame:0

          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:11697 (11.4 Kb)  TX bytes:480 (480.0 b)

          Interrupt:20 Memory:dfdfe000-dfe00000

```

Unless I'm looking at it wrong.

The HWaddr is replaced for my reasons. The MAC address is on the filter so that shouldn't be the problem.

I made sure the ssid and key were set correctly. I looked at my dmesg:

```

bridge-wlan0: disabling the bridge

bridge-wlan0: down

ADDRCONF(NETDEV_UP): wlan0: link is not ready

bridge-wlan0: enabling the bridge

bridge-wlan0: is a Wireless Adapter

vmnet: You are trying to use wireless bridged networking together with

vmnet: vmware-any-any-update.  This is not supported configuration, and

vmnet: your wireless bridge will probably not work.

bridge-wlan0: up

ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready

wlan0: no IPv6 routers present

```

The vmnet I don't know about.

Let me know if you need more info.

----------

## infinite1der

I would suggest leaving ssid out, and just use the bssid (MAC of the AP) in wpa_supplicant.conf.

----------

## Jaglover

So you found life too easy and decided to create some silly obstacles?

http://blogs.zdnet.com/Ou/index.php?p=43

----------

## doubled157940

Jaglover: I have asked that you leave your comments about how my wireless was setup out of the topic. I'm not the one who set up the wireless, nor am I the one that admin's the box. I live at home, with my parents, until I'm out of college, and my dad services the network. I have no control over what he does, nor do I plan to question how he runs the network. I will say that although my Wireless Access Point being hidden does cause some problems for me being a Linux user, we also have Windows machines accessing it. But hiding the ssid isn't as bad as your article says it is. It keeps people that shouldn't be using my WAP from being able to use it and my bandwidth unless they are trying to get in and be destructive. In which case I've at least put a rock in their road so it's harder for them. Wireless will never be fully secure, but with that in mind, you should at least do what you can to make it harder for anyone to know your there, and their ability to get in.

So again, for anyone posting here, leave opinions and other unneeded comments about how my WAP is set up at the door. All I want is an answer to get my computer connected to the wireless, not everyones opinion on how my system is setup. If I wanted that, I would've asked and/or gone and paid you to tell me. Thanks for your concern, now lets please get back to solving the problem without adjusting the WAP.

Note: I have WPA-PSK with TKIP encreption.

I've make some modifications to WPA_Supllicant.conf and now I'm getting some driver problems with ndiswrapper. I'm going to go look for some updated drivers and will report back on what happens and again where I'm at. Untill then, here is my wpa_supplicant.conf:

```

ap_scan=2

network={

        priority=1

        ssid="AlmostHeaven"

        bssid=00:18:F8:45:93:00

        mode=0

        #proto=WPA RSN

        key_mgmt=WPA-PSK

        pairwise=CCMP TKIP

        group=CCMP TKIP

        #psk="vxfyjg6lgqo8hgfa"

        psk=b22b55eb47fe053049cbb385ba751f98e9f15d2ac8212074758e4163eaf9a97c

}

```

ouput of wpa_supplicant:

```

Added interface wlan0

RTM_NEWLINK: operstate=0 ifi_flags=0x1002 ()

Wireless event: cmd=0x8b06 len=8

RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])

RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added

RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])

RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added

State: DISCONNECTED -> SCANNING

Trying to associate with SSID 'AlmostHeaven'

Cancelling scan request

WPA: clearing own WPA/RSN IE

Automatic auth_alg selection: 0x1

WPA: No WPA/RSN IE available from association info

WPA: Set cipher suites based on configuration

WPA: Selected cipher suites: group 24 pairwise 24 key_mgmt 2 proto 2

WPA: clearing AP WPA IE

WPA: clearing AP RSN IE

WPA: using GTK CCMP

WPA: using PTK CCMP

WPA: using KEY_MGMT WPA-PSK

WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00

No keys have been configured - skip key clearing

State: SCANNING -> ASSOCIATING

wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)

WEXT: Operstate: linkmode=-1, operstate=5

Association request to the driver failed

Setting authentication timeout: 5 sec 0 usec

EAPOL: External notification - EAP success=0

EAPOL: External notification - EAP fail=0

EAPOL: External notification - portControl=Auto

Authentication with 00:00:00:00:00:00 timed out.

Added BSSID 00:00:00:00:00:00 into blacklist

State: ASSOCIATING -> DISCONNECTED

wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)

WEXT: Operstate: linkmode=-1, operstate=5

No keys have been configured - skip key clearing

EAPOL: External notification - portEnabled=0

EAPOL: External notification - portValid=0

Setting scan request: 0 sec 0 usec

State: DISCONNECTED -> SCANNING

Trying to associate with SSID 'AlmostHeaven'

Cancelling scan request

WPA: clearing own WPA/RSN IE

Automatic auth_alg selection: 0x1

WPA: No WPA/RSN IE available from association info

WPA: Set cipher suites based on configuration

WPA: Selected cipher suites: group 24 pairwise 24 key_mgmt 2 proto 2

WPA: clearing AP WPA IE

WPA: clearing AP RSN IE

WPA: using GTK CCMP

WPA: using PTK CCMP

WPA: using KEY_MGMT WPA-PSK

WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00

No keys have been configured - skip key clearing

State: SCANNING -> ASSOCIATING

wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)

WEXT: Operstate: linkmode=-1, operstate=5

Association request to the driver failed

Setting authentication timeout: 5 sec 0 usec

EAPOL: External notification - EAP success=0

EAPOL: External notification - EAP fail=0

EAPOL: External notification - portControl=Auto

CTRL-EVENT-TERMINATING - signal 2 received

Removing interface wlan0

State: ASSOCIATING -> DISCONNECTED

wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)

WEXT: Operstate: linkmode=-1, operstate=5

No keys have been configured - skip key clearing

EAPOL: External notification - portEnabled=0

EAPOL: External notification - portValid=0

Failed to disable WPA in the driver.

No keys have been configured - skip key clearing

Removed BSSID 00:00:00:00:00:00 from blacklist (clear)

Cancelling scan request

Cancelling authentication timeout

WEXT: Operstate: linkmode=0, operstate=6

```

----------

## aussiemale

I found that setting ap_scan=1 and including scan_ssid=1 in the network={...} section worked for me.

ie, wpa2 with AES encryption

ap_scan=1

network={

        ssid="xxx"

        scan_ssid=1

        proto=RSN WPA

        key_mgmt=WPA-PSK

        pairwise=CCMP

        psk="xxx"

        priority=-9999999

}

----------

## roguetoad

I've been trawling through the message boards trying to figure this out.

Suggestions are set ap_scan=1 or 2 and scan_ssid=1 inside your wpa_supplicant.conf file

No matter what settings I've tried, it seems like it is impossible for my ipw2200 to associate with a hidden essid.

I can do it manually by using

```

iwconfig eth1 essid myhiddenessidname

```

And I can use wpa_gui to do it

And I can see from a command line call to wpa_supplicant 

```

wpa_supplicant -dd -Dwext -ieth1 -c/etc/wpa_supplicant/wpa_supplicant.conf

```

that it can see it see the hidden essid

but it won't associate. 

HELP! Somebody answer this straight up. Is this doable or not!

And if it is, what do I have set wrong!

Thanks,

----------

## didymos

OK, just don't use hidden SSIDs.  I'm sorry (just a little) to put it this way, but they are plain dumb.  Mainly because the wireless standard is designed to work with broadcast ssid's, so you not only break expected behavior but also because you break it and get no (yes, no) improved security for your trouble. To understand why, there's a couple things to do:

1. http://www.google.com/search?q=hidden+ssid

You should find, oh, about a gazillion pages explaining how to crack a hidden ssid.  Hint: it's really easy.

2.  Read this paper: http://www.icsalabs.com/icsa/docs/html/communities/WLAN/wp_ssid_hiding.pdf

Note: if you're trying to connect to an AP you don't control (and why would that be...) then obviously, none of the above applies.

----------

## roguetoad

Yup. I agree with all those points. The biggest problem is that I don't have control of the acess points that I'm trying to hook into. Unfortunately, it has gotten to the point where most ppl think hiding their essid will help protect them. I've stopped trying to get my friends to do things "correctly", I 'm just trying to get my stuff to work as well as I can despite those obstacles.

----------

## roguetoad

None of  these work for me. 

I still can't associate with a hidden essid

Any other suggestions?

----------

## didymos

 *roguetoad wrote:*   

> Yup. I agree with all those points. The biggest problem is that I don't have control of the acess points that I'm trying to hook into. Unfortunately, it has gotten to the point where most ppl think hiding their essid will help protect them. I've stopped trying to get my friends to do things "correctly", I 'm just trying to get my stuff to work as well as I can despite those obstacles.

 

Well, I just figured I'd deliver the lecture just in case.  Maybe if you explained to your friends that it's the wifi equivalent of hiding under a blanket and believing that makes you invisible; i.e.  the sort of thinking appropriate to very young children (or somewhat stupid older ones).  It would work against the Ravenous Bugblatter Beast of Traal, though (the blanket, that is; of course, a towel would be much more appropriate).

----------

## danomac

It does work with hidden essids. I have been using it with this configuration for a while now, but I can't remember what I put in wpa_supplicant.conf to make it work (my laptop is out for service...  :Sad: )

I use ipw3945.

----------

