Nick Naro
Monday, February 7, 2011
Sunday, February 6, 2011
Getting a CR-48 to connect to WPA-Enterprise
Full Walkthrough:
Note: below, anything that is in square braces should be replaced by your own values.
Start off by switching your CR-48 to developer mode and root by following these instructions.
Next up, we are going to use wpa_cli to figure out the settings for our
WPA-Enterprise network. Use the instructions by David Burrow and replace some
settings with your own. Your network should have a getting connected guide
which will give you a good idea of these settings. For example, I had to change
my pairwise and group settings to TKIP rather than CCMP. Some notes:
You can run most commands from outside of wpa_cli using the following syntax:
wpa_cli set_network [##] [variable] [value]
- You have to be root to run wpa_cli. Don't panic if you try running it as
chronos and it gives you some crap about being unable to connect. just sudo
it.
- The
status
command provides useful info on how close your network is to connecting, if at all.
save_config
command in wpa_cli is disabled. To save some trouble, let's write a shell script to do it for us.- Get into the bash shell and change to root (
sudo -s
) - cd to your stateful partition
qemacs [yourscriptName].sh
- Type in your script, then press Cntrl-x then Cntrl-c to save and quit
chmod +x [yourScriptName].sh
Below is the one that I am using:
wpa_cli add_network
wpa_cli set_network 0 ssid \"[Your Network SSID]\"
wpa_cli set_network 0 scan_ssid 1
wpa_cli set_network 0 proto WPA
wpa_cli set_network 0 priority 1
wpa_cli set_network 0 key_mgmt WPA-EAP
wpa_cli set_network 0 eap PEAP
wpa_cli set_network 0 pairwise TKIP
wpa_cli set_network 0 group TKIP
wpa_cli identity 0 "[Your id for the network]"
wpa_cli password 0 "[Your password]"
wpa_cli set_network 0 phase2 \"[your auth style. eg. MSCHAPV2]\"
wpa_cli select_network 0
Pretty basic stuff when you get down to it. One very important note here
- This stores your password in plain text on your hdd. This is widely
regarded as a bad call, so use your own discresion as to whether or not you
want to do that.
So that gives you a shell script, but you can't run it because the stateful partition is non executable. We're going to change that and make it so we can edit one of the startup scripts by running
sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification
then rebooting. This makes it so you can edit the root partition of your ssd.
Ok, Back in our shell, change to root again, and then
mkdir /mnt/stateful_partition/home/backupScripts
cp /etc/init/login.conf /mnt/stateful_partition/home/backupScripts/login.conf.origi
nal
cp [path to your script]/[your script name].sh /etc/wpa_supplicant/[your script name].sh
qemacs /etc/init/login.conf
- Add the line
.
/etc/wpa_supplicant/[your script name].sh
touch /var/run/state/logged-in
- save and quit as above.
Now your script will run on login, setting everything but the ssid for you. This should get you connected to your wireless network on login.
Hope this helps!
Change to dev mode using the switch
Follow David Burrow's post using wpa_cli to get connected the first time
Write a shell script for all settings except ssid and phase2 using the
following syntax:
wpa_cli
wpa_cli add_network
set_network [##] [Variable]
etc.
Change your root filesystem to writeable using then reboot
sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification
Edit /etc/init/login.conf to run your script by adding the following line
anywhere
./[path to your script]
Now every time you reboot you're connected automatically.