I have created a wifi hotspot by using network-manager and protected it with “wpa & wpa2 personal” security, but i cant connected to it from my phone. If i create a hotspot without any security, then it works just fine. But for obvious reasons i dont want to create hostpot without any security.
What sould i do?

Hi @al0o0z

Maybe this will help you:

#hostapd.conf
#
#sets the wifi interface to use
interface=wlan0
#driver to use, nl80211 works in most cases
driver=nl80211
#sets the ssid of the virtual wifi access point
ssid=myhotspot
#sets the mode of wifi, depends upon the devices you will be using. It can be a,b,g,n. Not all cards support 'n'.
hw_mode=g
#sets the channel for your wifi
channel=6
#macaddr_acl sets options for mac address filtering. 0 means "accept unless in deny list"
macaddr_acl=0
#setting ignore_broadcast_ssid to 1 will disable the broadcasting of ssid
ignore_broadcast_ssid=0
#Sets authentication algorithm
#1 - only open system authentication
#2 - both open system authentication and shared key authentication
auth_algs=1
#####Sets WPA and WPA2 authentication (remove this section if you don't need encryption)#####
#wpa option sets which wpa implementation to use
#1 - wpa only
#2 - wpa2 only
#3 - both
wpa=3
#sets wpa passphrase required by the clients to authenticate themselves on the network
wpa_passphrase=KeePGuessinG
#sets wpa key management
wpa_key_mgmt=WPA-PSK
#sets encryption used by WPA
wpa_pairwise=TKIP
#sets encryption used by WPA2
rsn_pairwise=CCMP

I have extracted the info from here:

Although the guide is written a few years ago, it was updated in October 2018

Thanks for your reply.
I cant open up the link you provided for some unknown reason.
Where this setting is stored?
The connection settings in /etc/NetworkManager/system-connections differs from this format

Sorry @al0o0z. It would be in /etc/hostapd/hostapd.conf. A secure way for a hostpot is with hostapd to configure the authentication and with dnsmasq to assign ip address to the devices. This way has always worked for me

How to activate and deactivate this hotspot?

Start it with:

systemctl start hostapd

Enable it to start every boot with

systemctl enable hostapd

Or both at the same time with

systemctl enable --now hostapd

Stop & disable with

systemctl disable --now hostapd

Or just stop with

systemctl stop hostapd

Or just disable (while keeping it running) with

systemctl disable hostapd

For more on this see https://wiki.archlinux.org/index.php/Software_access_point

Or if you prefer to dis-intermediate systemd then you could try the ExecStart line directly:

/usr/bin/hostapd /etc/hostapd/hostapd.conf

Then use pkill to, er, kill it (or send a SIGHUP to reload the configuration).

EDIT: there is also a natty command-line interface, if you are so inclined:

hostapd_cli

Check the man page for then nitty gritty.

Thanks a lot Negata & Head_on_a_stick for your help.

hotspotd is not in AUR, so then do i have to install it from git repo?
Or do you have any pkgbuild that you can share?

I’ve found this

Thanks.
I did see this, but i always hear people say it is bad to compile and and install from source in arch and it’s variants, so i thought you might have a PKGBUILD that i can use to install it. As i can’t make PKGBUILD.

There is also create_ap

https://www.archlinux.org/packages/community/any/create_ap/

Hostapd and create_ap requires that the network is not managed by Network-Manger. so then how can i connect by dsl broadband?

@al0o0z For me to remember, have you created a bridge for the devices to connect to the same network on your computer, or to connect to another range of addresses?

To be honest, i don’t get what you are saying, i’ve been using linux for a year now but haven’t come to grasp anything of importance, i am a slow learner

I pass this link, I think it will be helpful.

https://wiki.archlinux.org/index.php/Software_access_point

Network configuration (extracted from that link)

There are two basic ways for implementing this:

1. bridge : creates a network bridge on your computer, wireless clients will appear to access the same network interface and the same subnet that’s used by your computer.
2. NAT : with IP forwarding/masquerading and DHCP service, wireless clients will use a dedicated subnet, data from/to that subnet is NAT-ted. This is similar to a normal Wi-Fi router which is connected to the internet.

The bridge approach is simpler, but it requires that any service that is needed by the wireless clients, in particular DHCP, is available on the computer’s external interface. This means it will not work if the external modem which assigns IP addresses, supplies the same one to different clients.

The NAT approach is more versatile, as it clearly separates Wi-Fi clients from your computer and it is completely transparent to the outside world. It will work with any kind of network connection, and (if needed) traffic policies can be introduced using the usual iptables approach.

It is possible to combine these two approaches: for example having a bridge that contains both an ethernet device and the wireless device with a static ip, offering DHCP and setting NAT configured to relay the traffic to an additional network device connected to the WAN.

@al0o0z The good thing about the forum is that, we help each other by learning and sharing. No one was born learned

The solution to this problem is installing “dnsmasq” otherwise connection will not work and keep trying to “obtaining ip address”