IBBoard

Section: Linux

I own two USB wireless adapters. Both are Netgear WG111 devices and both were bought before I started using Linux. While they have been working reasonably well as wireless adapters using the RTL8187 drivers for a while, WPA was always exceedingly difficult to set up correctly. Instead, for the sake of my Linux box, I had been running WEP encryption.

WEP versus WPA

WEP and WPA are both wireless encryption methods used to secure your connection to your wireless network so that no-one can listen in to your traffic and so that only people with the password can use the network.

WEP is known to be broken and should not be relied on to give security against any but the most casual attacker.

WPA, on the other hand, is still thought to be secure and can only be breached through brute-force attacks that try to guess your network password. Unfortunately even now not all consumer devices support WPA, but if your devices do then you should use it as much as possible.

The problem

Under versions of Fedora before Fedora 9 the Gnome Network Manager was at version 0.6.x. While this version supported WEP keys, WPA was only supported on a small subset of cards, not including the Netgear WG111 with its RTL8187 chipset. Because of this the options when using a Netgear WG111 with Linux were to either use WEP, which provides little or no real protection to an even remotely determined hacker, or to manually configure your network connection and WPA encryption.

Since at least Fedora 7 the Fedora distro has included wpa_supplicant to help connect to WPA encrypted networks, but I never got it successfully configured despite the configuration not being much more than "set the network ID and set the password as the version generated by running it through this app".

For a while the only solution (other than buying a different wireless adapter, which we couldn't afford) was to continue using WEP because it was some degree of encryption and made our network slightly more secure than the other two local networks, both of which are unsecured.

The solution

Compared to Network Manager 0.6, 0.7 has a much more powerful connection management system. Now you can define connections and their encryption method within a small control panmel. While investigating this I noticed an option for WPA encryption.

Connecting to a WPA encrypted wireless network using the RTL8187 drivers for the Netgear WG111 is now very easy. Run the Network Manager applet at session start and click your network in the list to connect. After a while you should be prompted for a password. Select "WPA & WPA2 Personal" and enter your network password. This will then be encoded and converted, so don't be surprised if you see it again and it is much longer! Once you're authenticated you should have secured access to your network using WPA in Linux.

The solution - upgrading to WPA

In my case I had previously been associating with the network using WEP and was upgrading to WPA. In this situation there are a few minor niggles that I encountered but all of them seemed to be resolved by the next morning after I'd restarted. The most likely explanation is that they were related to that most useful of features - the keyring for remembering passwords.

At one point I had two networks showing up under my network's name. This was probably due to Network Manager thinking that the old network had momentarily vanished and would come back shortly. After that the Network Manager kept asking me for a WEP password instead of a WPA password, but that could have been caused by selecting the wrong one of the pair or by Network Manager remembering the WEP network and prompting me based on its cached version of what the network used for encryption.

The final problem when creating a new connection was that despite entering the correct password, the computer wouldn't associate to the network and would prompt me for the password again. Again the issue was resolved by the morning, so I think it simply needed a restart of the Network Manager to remove the traces of the old network.

Now my connection normally starts up fine every time and associates correctly. If anything, it seems more stable after moving to WPA, and it's more secure to boot! Congratulations to the Network Manager team on a much improved application.