NAME

SYNOPSIS

DESCRIPTION

wifimgr supports open networks, and secured networks using WEP, WPA-PSK and WPA-EAP with manual password or encryption key configuration. Automatic configuration for WPS is not supported, but passwords for WPS networks can be entered manually as for WPA-PSK networks.

wifimgr acts merely as an editor of the wpa_supplicant.conf(5) file. Actual network interface configuration and management is still done by the wpa_supplicant(8) program.

Networks in the configuration file, together with new networks found by a scan of the WiFi interface are displayed to the user. The user may change the sort ordering of the networks between SSID (default), signal strength and channel, and may choose to hide (default) or show networks that have been previously saved but are now out of range. The user may enable/disable networks as needed, enter either passwords or EAP configuration together with a short comment, and set a connection priority. To make use of so-called ``cloaked'' networks which do not broadcast their SSID and which are therefore not found by the interface scan, the user can also manually add new networks to the list using the "Add" button. When the "Save" button is clicked, the enabled networks are written back out to the wpa_supplicant.conf(5) file and the network interface is restarted.

wifimgr stores each network's SSID and BSSID in the configuration file and uses these when identifying available networks. Using the combination allows for situations where the same SSID is repeated on a separate network which has different password. However, this also means that on a network with multiple access points, there must be separate entries for that network, one for each of the BSSIDs. Since that can become unwieldly for networks with very many access points (e.g., organization-wide networks and also mobile phone hotspots), the "Any BSSID" checkbox can be checked to not save this network's BSSID. Keep in mind, however, that doing this will mean that use of a different network that happens to use the same SSID but a different authentication scheme or password will then not be possible.

The priority field can be used to indicate which network or access points should be preferred over others. Higher values mean higher priority. A special priority value of -1 allows a network to be kept in the networks file, but it will be ignored when scanning for networks to connect to. Since this is not a standard feature of wpa_supplicant(8), this is accomplished by prepending a ``*'' to the SSID when it is saved in the file. This is useful to avoid having to re-enter passwords and comments if a network might be needed again later.

Since wifimgr needs to restart the network interface and edit files that might not be writable to regular users, when wifimgr starts up, it requests the administrator (i.e., root) password.

The wpa_supplicant.conf(5) may be edited by hand in-between uses of wifimgr.

wifimgr automatically saves and reloads display configuration choices (such as network sort order and whether or not out of range networks are displayed) in the file ~/.cache/wifimgr/config.

CONFIGURATION

ifconfig_wlan0="WPA DHCP"

WIFI SECURITY

Security can be off. This is known as an open, plaintext or insecure network. All packets broadcast over the network can be intercepted by others and their contents examined. Networks in public places such as airports and hotels are often open networks. Such networks can still be used securely, but it is up to each application to provide its own security and it is up to the user to confirm, before each network use, that application security is in use. ssh, https and PGP email are examples of applications offering security themselves.

Early WiFi security was done using WEP, Wired Equivalent Privacy. WEP uses a shared password to encrypt all data transmissions. Unfortunately, the encryption technique used by WEP was easily cracked and software to do this is widely available.

A replacement to WEP known as WPA, or WiFi Protected Access, has become more widely used today. However, due to the urgency with which it was needed, some vendors implemented it before the standards were completely approved. This has led to there being several variants of WPA. Early implementations are known as WPA networks. Once the standard was approved, it was renamed to RSN, or Robust Secure Network also often referred to as WPA2.

Both WPA and RSN offer several security models. Home users and small businesses might use a shared access key, known as a pre-shared key (PSK). Depending on the access point's capabilities, there can be a single PSK for all users or a separate PSK for each user. Larger enterprises might use more complex key management schemes by means of RSN/WPA's extensible authentication protocol (EAP). EAP typically requires large keys and certificates stored in files.

All WiFi security was developed by the IEEE 802.11 Working Group. WEP was the original IEEE 802.11 standard. WPA was the later IEEE 802.11i draft 3 standard. RSN is the finalized IEEE 802.11i standard.

The security being used on a network is set in the access point configuration. wifimgr detects what security is available on a network and prompts the user for suitable configuration to use it.

GUI SUPPORT

ENVIRONMENT

TMPDIR

directory where temporary files are written (default: "/tmp")

FILES

~/.cache/wifimgr/config

user's display configuration

/etc/rc.conf

system configuration file for configuration of WiFi interface

/etc/wpa_supplicant.conf

networks configuration file

/etc/wpa_supplicant.conf.save

backup of any wpa_supplicant.conf that contains directives unknown to wifimgr

SEE ALSO

HISTORY

AUTHOR