I have created a wifi hotspot by using network-manager and protected it with “wpa & wpa2 personal” security, but i cant connected to it from my phone. If i create a hotspot without any security, then it works just fine. But for obvious reasons i dont want to create hostpot without any security.
What sould i do?
Hi @al0o0z
Maybe this will help you:
#hostapd.conf
#
#sets the wifi interface to use
interface=wlan0
#driver to use, nl80211 works in most cases
driver=nl80211
#sets the ssid of the virtual wifi access point
ssid=myhotspot
#sets the mode of wifi, depends upon the devices you will be using. It can be a,b,g,n. Not all cards support 'n'.
hw_mode=g
#sets the channel for your wifi
channel=6
#macaddr_acl sets options for mac address filtering. 0 means "accept unless in deny list"
macaddr_acl=0
#setting ignore_broadcast_ssid to 1 will disable the broadcasting of ssid
ignore_broadcast_ssid=0
#Sets authentication algorithm
#1 - only open system authentication
#2 - both open system authentication and shared key authentication
auth_algs=1
#####Sets WPA and WPA2 authentication (remove this section if you don't need encryption)#####
#wpa option sets which wpa implementation to use
#1 - wpa only
#2 - wpa2 only
#3 - both
wpa=3
#sets wpa passphrase required by the clients to authenticate themselves on the network
wpa_passphrase=KeePGuessinG
#sets wpa key management
wpa_key_mgmt=WPA-PSK
#sets encryption used by WPA
wpa_pairwise=TKIP
#sets encryption used by WPA2
rsn_pairwise=CCMP
I have extracted the info from here:
Although the guide is written a few years ago, it was updated in October 2018
Thanks for your reply.
I cant open up the link you provided for some unknown reason.
Where this setting is stored?
The connection settings in /etc/NetworkManager/system-connections differs from this format
Sorry @al0o0z. It would be in /etc/hostapd/hostapd.conf
. A secure way for a hostpot is with hostapd to configure the authentication and with dnsmasq to assign ip address to the devices. This way has always worked for me
How to activate and deactivate this hotspot?
Start it with:
systemctl start hostapd
Enable it to start every boot with
systemctl enable hostapd
Or both at the same time with
systemctl enable --now hostapd
Stop & disable with
systemctl disable --now hostapd
Or just stop with
systemctl stop hostapd
Or just disable (while keeping it running) with
systemctl disable hostapd
For more on this see https://wiki.archlinux.org/index.php/Software_access_point
Or if you prefer to dis-intermediate systemd then you could try the ExecStart line directly:
/usr/bin/hostapd /etc/hostapd/hostapd.conf
Then use pkill
to, er, kill it (or send a SIGHUP to reload the configuration).
EDIT: there is also a natty command-line interface, if you are so inclined:
hostapd_cli
Check the man page for then nitty gritty.
Thanks a lot Negata & Head_on_a_stick for your help.
hotspotd is not in AUR, so then do i have to install it from git repo?
Or do you have any pkgbuild that you can share?
I’ve found this
Thanks.
I did see this, but i always hear people say it is bad to compile and and install from source in arch and it’s variants, so i thought you might have a PKGBUILD that i can use to install it. As i can’t make PKGBUILD.
Hostapd and create_ap requires that the network is not managed by Network-Manger. so then how can i connect by dsl broadband?
@al0o0z For me to remember, have you created a bridge for the devices to connect to the same network on your computer, or to connect to another range of addresses?
To be honest, i don’t get what you are saying, i’ve been using linux for a year now but haven’t come to grasp anything of importance, i am a slow learner
I pass this link, I think it will be helpful.
https://wiki.archlinux.org/index.php/Software_access_point
Network configuration (extracted from that link)
There are two basic ways for implementing this:
- bridge : creates a network bridge on your computer, wireless clients will appear to access the same network interface and the same subnet that’s used by your computer.
- NAT : with IP forwarding/masquerading and DHCP service, wireless clients will use a dedicated subnet, data from/to that subnet is NAT-ted. This is similar to a normal Wi-Fi router which is connected to the internet.
The bridge approach is simpler, but it requires that any service that is needed by the wireless clients, in particular DHCP, is available on the computer’s external interface. This means it will not work if the external modem which assigns IP addresses, supplies the same one to different clients.
The NAT approach is more versatile, as it clearly separates Wi-Fi clients from your computer and it is completely transparent to the outside world. It will work with any kind of network connection, and (if needed) traffic policies can be introduced using the usual iptables approach.
It is possible to combine these two approaches: for example having a bridge that contains both an ethernet device and the wireless device with a static ip, offering DHCP and setting NAT configured to relay the traffic to an additional network device connected to the WAN.
@al0o0z The good thing about the forum is that, we help each other by learning and sharing. No one was born learned
The solution to this problem is installing “dnsmasq” otherwise connection will not work and keep trying to “obtaining ip address”