How to connect with OpenRC, ethernet, 802.1 ,PEAP, MSCHAPv2, password and MAC spoofing without polkit
nona - about 2 years ago -
Hello,
I am trying to connect to a network which is protected with PEAP, a username and password. I do not use polkit. I am using OpenRC, spoofed MAC and I do not have (nor want) polkit (policy-kit).
I have tried with Connman, NetworkManager and (dhcpcd + wpa_supplicant). I do not need a GUI solution. I just need something that I can automate at boot--or something, that is, if it runs on the terminal, that's totally fine.
Thank you in advance
Connman¶
I tried to create different types of /var/lib/connman/*.config files. The closes that I got was figuring out that the files need to be called ethernet_<MAC here>_cable.config, and that this does not work:
# /var/lib/connman/*.config [service_ethernet_<MAC here>_cable] Type = ethernet DeviceName = eth0 # I do not force "eth0", it's created by my system every time EAP = peap CACertFile = /etc/ssl/certs/DigiCert_Assured_ID_Root_CA.pem Phase2 = MSCHAPV2 Identity = <my username in plain text> AutoConnect = true Security = ieee8021x Passphrase = <my password in plain text>
This only allows me to connect to the network, which later tells me that I need a PEAP connection.
NetworkManager¶
I installed nm-connection-editor to set-up the 802.1 configuration. I just added the path to the certificate, the username, PEAP and the password.
It actually connects, but once it does, my session is messed up: I can no run some programs with a message saying that Display :0 does not exist or something like that. Then, I need to kill my session for the GUI to work again. For instance, with LXQT, I have to switch virtual terminals (CTRL + ALT + F2) and log back in, because the Logout submenu does nothing.
DHCPCD + wpa_supplicant¶
I created a /etc/wpa_supplicant/wpa_supplicant.conf
# /etc/wpa_supplicant/wpa_supplicant.conf # Connect like this: # wpa_supplicant -Dwired -B -ieth0 -c/etc/wpa_supplicant/wpa_supplicant.conf # dhcpcd -i eth0 # dhclient -v # https://wiki.archlinux.org/title/Wpa_supplicant # Giving configuration update rights to wpa_cli ctrl_interface=/run/wpa_supplicant # enable users without root access to connect to wireless networks ctrl_interface_group=wheel # store changes made with wpa_cli update_config=1 # https://bbs.archlinux.org/viewtopic.php?id=188783 # https://wiki.archlinux.org/title/Wpa_supplicant#802.1x/radius # Wired Ethernet drivers ap_scan=0 fast_reauth=1 network={ key_mgmt=IEEE8021X eap=PEAP ssid="<the SSID of the connection>" ca_cert="/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem" phase2="auth=MSCHAPV2" identity="<username>" # wpa_passphrase SSID <passphrase> # psk=<result of the above command> password="<plain text password>" }
This kind of works, but then the connection is lost. I don't know why.
Others¶
I did not try the wpa_supplicant in a new environment, but I did reinstall Parabola from scratch, fearing that a local configuration was interfering with the connection. This happens with or without a display manager (LXQT and [icewm + startx]).
Replies (2)
How to connect with OpenRC, ethernet, 802.1 ,PEAP, MSCHAPv2, password and MAC spoofing without polkit - bill-auger - almost 2 years ago -
i dont have much advice on this off-hand - i think those X
server problems are resolved with a polkit though
RE: How to connect with OpenRC, ethernet, 802.1 ,PEAP, MSCHAPv2, password and MAC spoofing without polkit - nona - almost 2 years ago -
The KISS approach: connect the ethernet cable before starting the session. Still, it would be nice to have a polkit-independent solution.