Monday, February 7, 2011

Welcome to my personal landing page. This is rather clearly a work in progress, and it will actually start progressing when I get some time on my hands to work on it (most likely over summer vacation)
Posted by at No comments:

Sunday, February 6, 2011

Getting a CR-48 to connect to WPA-Enterprise

Like plenty of other participants in the chrome OS pilot program, I've been working on getting my CR-48 to connect to my school's WPA-Enterprise WiFi network. David Burrow at the University of Utah figured out the basic framework that I needed, and Jay Lee mentioned writing a shell script that could automate the process. Anyway, this is what I've done to get connected. Presented below as a full walkthrough (for nooblets like me) and cliffs notes (for people who know what they're doing)

Full Walkthrough:

Note: below, anything that is in square braces should be replaced by your own values.

Start off by switching your CR-48 to developer mode and root by following these instructions.

Next up, we are going to use wpa_cli to figure out the settings for our
WPA-Enterprise network. Use the instructions by David Burrow and replace some
settings with your own. Your network should have a getting connected guide
which will give you a good idea of these settings. For example, I had to change
my pairwise and group settings to TKIP rather than CCMP. Some notes:


You can run most commands from outside of wpa_cli using the following syntax:

wpa_cli set_network [##] [variable] [value]

  • You have to be root to run wpa_cli. Don't panic if you try running it as
    chronos and it gives you some crap about being unable to connect. just sudo
    it.
  • The status command provides useful info on how close your network is to connecting, if at all.
Ok, cool. Now we have a basic connection, but damn that was a bitch. And it won't survive a reboot either, only sleep since the save_config command in wpa_cli is disabled. To save some trouble, let's write a shell script to do it for us.
  1. Get into the bash shell and change to root (sudo -s)

  2. cd to your stateful partition

  3. qemacs [yourscriptName].sh

  4. Type in your script, then press Cntrl-x then Cntrl-c to save and quit

  5. chmod +x [yourScriptName].sh

Below is the one that I am using:

wpa_cli add_network

wpa_cli set_network 0 ssid \"[Your Network SSID]\"

wpa_cli set_network 0 scan_ssid 1

wpa_cli set_network 0 proto WPA

wpa_cli set_network 0 priority 1

wpa_cli set_network 0 key_mgmt WPA-EAP

wpa_cli set_network 0 eap PEAP

wpa_cli set_network 0 pairwise TKIP

wpa_cli set_network 0 group TKIP

wpa_cli identity 0 "[Your id for the network]"

wpa_cli password 0 "[Your password]"

wpa_cli set_network 0 phase2 \"[your auth style. eg. MSCHAPV2]\"

wpa_cli select_network 0

Pretty basic stuff when you get down to it. One very important note here

  1. This stores your password in plain text on your hdd. This is widely
    regarded as a bad call, so use your own discresion as to whether or not you
    want to do that.

So that gives you a shell script, but you can't run it because the stateful partition is non executable. We're going to change that and make it so we can edit one of the startup scripts by running

sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification

then rebooting. This makes it so you can edit the root partition of your ssd.

Ok, Back in our shell, change to root again, and then

  1. mkdir /mnt/stateful_partition/home/backupScripts

  2. cp /etc/init/login.conf /mnt/stateful_partition/home/backupScripts/login.conf.original

  3. cp [path to your script]/[your script name].sh /etc/wpa_supplicant/[your script name].sh

  4. qemacs /etc/init/login.conf

  5. Add the line ./etc/wpa_supplicant/[your script name].sh just below touch /var/run/state/logged-in

  6. save and quit as above.

Now your script will run on login, setting everything but the ssid for you. This should get you connected to your wireless network on login.

Hope this helps!


Cliffs notes:


Change to dev mode using the switch


Follow David Burrow's post using wpa_cli to get connected the first time


Write a shell script for all settings except ssid and phase2 using the

following syntax:

wpa_cli

wpa_cli add_network


set_network [##] [Variable]

etc.


Change your root filesystem to writeable using then reboot

sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification

Edit /etc/init/login.conf to run your script by adding the following line
anywhere

./[path to your script]


Now every time you reboot you're connected automatically.

Posted by at 26 comments:
Subscribe to: Posts (Atom)