HowTo: Use WPA With The Legacy r8180 Module On Ubuntu

Sunday, 27 April 2008 11:18

Note: The information here relates only to the old ieee80211 stack driver. If you're using Ubuntu, you will find that from Intrepid (and probably Hardy also now) there is a new driver present as standard which will do WPA(2) nicely through the standard graphical network management tools.

The r8180 module does support WPA encryption via wpa_supplicant, only you can't set it from nm-applet in Gnome. The reason is that NetworkManager can only work with wpa_supplicant using the WEXT driver (Linux Wireless Extensions v18 and higher). Unfortunately, the r8180 driver only supports WEXT up to version 16, before the WPA stuff was added. But it's not too difficult to use wpa_supplicant manually with this module, you only have to know that it needs to use the IPW driver instead of WEXT. The reason is simply that the Realtek driver was based on the Intel IPW driver code. The IPW driver itself has since been updated to do WPA properly through WEXT, but the old IPW driver for wpa_supplicant is still available and will work fine with the legacy r8180 module.

If you compiled the r8180 driver from source yourself (as you currently need to with Hardy) you may have noticed the source package includes source for wpa_supplicant. I can only assume the wpa_supplicant source was included with the driver for convenience, but in any case you don't need to use that source - the wpa_supplicant distributed with Ubuntu is more recent and it works fine with the r8180 module as follows...

First, you should kill nm-applet if it's running (that's the little network control icon you see in the top-right of a default Ubuntu desktop) because Gnome's Network Manager seems to interfere with things:

sudo pkill nm-applet

Then you'll need to create a configuration file to hold the WPA settings, which for normal WPA-PSK something like this should work:

network={
ssid="putTheNetworkNameHere"
proto=WPA
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP WEP104 WEP40
psk="putThePasswordHere"
}

Or for WPA2-PSK (i.e. RSN and CCMP):

network={
ssid="putTheNetworkNameHere"
proto=WPA2
key_mgmt=WPA-PSK
psk="putThePasswordHere"
}

Let's assume you save this as "wpa.conf", you can then just run:

sudo wpa_supplicant -Dipw -cwpa.conf -iwlan0

If all goes well, you should see some messages like this:

Linux wireless extensions version 22 detected.
ipw2x00 driver uses driver_wext (-Dwext) instead of driver_ipw.
Trying to associate with 00:13:d3:6c:ca:12 (SSID='WGDANIELS' freq=2472 MHz)
Associated with 00:13:d3:6c:ca:12
WPA: Key negotiation completed with 00:13:d3:6c:ca:12 [PTK=TKIP GTK=TKIP]

As already mentioned, the message about the ipw2x00 driver using WEXT does not apply to the r8180 module - it doesn't work with -Dwext. If you have any problems, try making sure that the relevant encryption module is loaded first e.g.

sudo modprobe ieee80211_tkip_crypt-rtl

...for TKIP, or for AES...

sudo modprobe ieee80211_ccmp_crypt-rtl

Once you have it working and associated to the AP, probably you will need to run dhclient to get an IP address:

sudo dhclient wlan0

Assuming you manage to get wpa_supplicant working like this you can avoid having to run it manually by adding the config to /etc/network/interfaces:

auto wlan0
iface wlan0 inet dhcp
wpa-driver ipw
wpa-conf /path/to/wpa.conf

After which, wpa_supplicant should get started automatically when you bring up the interface:

sudo ifup wlan0

A more complete solution is to also have the driver modules loaded and unloaded with the interface, in which case you would use something more like:

auto wlan0
iface wlan0 inet dhcp
pre-up modprobe ieee80211_crypt_rtl
pre-up modprobe ieee80211_crypt_wep_rtl
pre-up modprobe ieee80211_crypt_tkip_rtl
pre-up modprobe ieee80211_crypt_ccmp_rtl
pre-up modprobe ieee80211_rtl
pre-up modprobe r8180
wpa-driver ipw
wpa-conf /path/to/wpa.conf
post-down rmmod r8180
post-down rmmod ieee80211_rtl
post-down rmmod ieee80211_crypt_wep_rtl
post-down rmmod ieee80211_crypt_tkip_rtl
post-down rmmod ieee80211_crypt_ccmp_rtl
post-down rmmod ieee80211_crypt_rtl

Tip: You might prefer not to use a the password directly in the config file, in which case you can use wpa_passphrase to pre-compute the PSK using the SSID and the password:

$ wpa_passphrase yourSSID yourPassword
network={
ssid="yourSSID"
psk=1ab7e99d8d4b479514532b248b4066c0849de21316b3d82399eb93606cdfbd49
}

There's no compelling reason to do this for security (which still relies on the security of the file itself) only that sometimes it's better not to reveal passwords too easily in cleartext, especially if you're in the habit of reusing them.

The final thing I should mention is that if you managed to get everything working, you will probably want to disable the Network Manager applet from loading on startup, which you can do from System->Preferences->Sessions->Startup Programs by unchecking the box next to "Network Manager".

Last Updated on Monday, 07 September 2009 09:21

Comments

Thanks from John Berthels on Tue. Jun 03, 2008 reply

Thanks very much for these instructions. I'd actually made effectively the same set of changes to the driver for my own usage, but was holding off posting it anywhere until I could get WPA working.

Your HOWTO helped me get WPA working without any further code changes, so thanks very much!

By the way, I've got one additional change in, which adds support for PCI ID BELKIN:700f, which is my card a "Belkin Wireless G", bought in the UK. If you do push the patch upstream, it might be worth adding that in too, as it Works For Me (tm).

Untitled Comment from Will on Wed. Jun 04, 2008 reply

Hi John, thanks for the info. Somebody (Thomer Gil) already mentioned the Belkin card ID to me, and he has a modified patch to include this here. As for getting any of these changes upstream, there doesn\'t really seem to be an upstream, other than the rtl-wifi project which is updating the driver for the mac80211 stack, but I have no idea about the status of that project or what condition their source is in. I\'m trying to figure all that out right now actually...it may be that it\'d be worthwhile to register a project in Launchpad for the code here, but obviously not if there\'s a working mac80211-based driver in the upstream kernel somewhere (as seems to be the suggestion).

question from tizo on Thu. Jul 03, 2008 reply

Thanks Will for your HOWTOs. I could make my wireless LAN work with WEP reading your howto: http://www.willdaniels.co.uk/articles/howto-guides/10-howto/12-r8180-hardy

However, I could not make it work with WPA2 Personal. When I executed the wpa_supplicant command, it said the following:

Linux wireless extensions version 22 detected.
ipw2x00 driver uses driver_wext (-Dwext) instead of driver_ipw.
Trying to associate with 00:1d:7e:e4:29:07 (SSID='entrecasas' freq=2437 MHz)
ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
Authentication with 00:00:00:00:00:00 timed out.
Trying to associate with 00:1d:7e:e4:29:07 (SSID='entrecasas' freq=2437 MHz)
ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
Authentication with 00:00:00:00:00:00 timed out.

Do you know what could be causing this?.

Thanks in advanced!!

Untitled Comment from Will on Thu. Jul 03, 2008 reply

The only thing that I can suggest is what I already mentioned in the article - check that the encryption modules are loaded (using lsmod). Note that ieee80211_crypt_rtl is only a wrapper module for the pluggable encryption modules for ccmp and tkip. Make sure both are specifically loaded also:

sudo modprobe ieee80211_crypt_ccmp_rtl
sudo modprobe ieee80211_crypt_tkip_rtl

...before invoking wpa_supplicant.

But there is a better alternative available now using the new version of this driver from the mainline kernel. I'll write another HowTo some time today for switching over to this new driver, which works using WPA through the standard graphical tools. You would be well advised and better served to switch to the new version.

thanks again from tizo on Thu. Jul 03, 2008 reply

Will,

I am not at home now, but the modules were loaded. In fact, I had echoing them in /etc/modules as you suggest in your previous article. ipw2200 module was not loaded, but I have the same problem with it, or without it, or with ipw2100 module (I don't really know if it should be loaded or not).

I think that you have a mistake in the names of the modules in this article, when you tell how to load them with modprobe. They should be ieee80211_crypt_tkip_rtl and ieee80211_crypt_ccmp_rtl, and not ieee80211_tkip_crypt-rtl and ieee80211_ccmp_crypt-rtl respectively.

Anyway, I could use WEP until you write the howto to use the new driver, but I could try that too, and write about it,
if you could tell me where to start,

Thanks again!!!

Untitled Comment from Will on Thu. Jul 03, 2008 reply

I finally got around to writing up the explanation & instructions for using the new driver here (or see related related items).

I don't have any passwd! from Carolina on Sat. Sep 20, 2008 reply

Hi,
I'm too close to get it! but the parser returns an error because I don't need any password for my connection... I tried whitout the psk field and it fails anyway...

Here is the output:
me@myhost:~/rtl8185$ sudo wpa_supplicant -Dipw -cwpa.conf -iwlan0
Line 7: Invalid passphrase length 0 (expected: 8..63) '"'.
Line 7: failed to parse psk '""'.
Line 8: WPA-PSK accepted for key management, but no PSK configured.
Line 8: failed to parse network block.
Failed to read or parse configuration '/home/me/rtl8185/wpa.conf'.

Thanks from now!
Sorry about my poor english :D

Carolina.-

Untitled Comment from Will on Sun. Sep 21, 2008 reply

Hi Carolina, if your connection does not need a password then you should be able to connect without using wpa_supplicant.