Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Setup Wifi on Raspberry Pi

Setup Wireless LAN for Raspberry Pi

The following guide describes how to setup Raspberry Pi to connect to Wifi. It was tested on the following environment:

  • Raspberry Pi Model B
  • Edimax EW-7811Un USB Wifi dongle
  • OS: Raspbian Jessie

Here are the overview of the steps:

  1. Ensure that the dongle is recognized
  2. Setup authentication info
  3. Ensure that the network interface use the authentication info
  4. Prevent the dongle from powering down

Step 1. Ensure that the dongle is recognized

Check if the USB hub of the Pi detect the device:

lsusb

You should see that the Edimax dongle is detected like the following.

Bus 001 Device 002: ID 0424:9514 Standard Microsystems Corp. 
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. 
Bus 001 Device 005: ID 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]

Next, check if the kernel driver is loaded

lsmod

You should see 8912cu loaded in the output like below.

Module                  Size  Used by
8192cu                528365  0 
cfg80211              386508  0 
rfkill                 16651  2 cfg80211
i2c_dev                 6027  18 
snd_bcm2835            18649  0 
...

Check that the device is detected by Linux's wireless network configuration.

iwconfig

You should see wlan0 in the output like below.

wlan0     unassociated  Nickname:"<WIFI@REALTEK>"
...

At this point, we can be sure that the dongle is operational.

Step 2. Setup authentication info

Now, you should check what type of authentication your network use.

  • Personal: Typical home router require one password to connect. (Keywords: WPA, WPA2)

  • Enterprise: If you use the enterprise network, e.g., eduroam at the university, you will have user name and password. (Keywords: PEAP, MSCHAPV2)

For security reason, we will create a hash of your password. This hash will be used in the configuration file for the authentication info. This avoids saving your password in plain text. See Appendix 1 (Personal) or Appendix 2 (Enterprise) for details.

Now you can add proper authentication info in the file /etc/wpa_supplicant/wpa_supplicant.conf. Use the following command to launch nano editor to edit this file.

sudo nano /etc/wpa_supplicant/wpa_supplicant.conf

Here're what you should add (depending on the authentication type). Replace YOUR_NETWORK_NAME, YOUR_USER_NAME, YOUR_PASSWORD_HASH below. (Keep the quotation marks if present.) If you have multiple network configurations, you can also add multiple entries.

Personal authentication (WPA, WPA2)

network={
ssid="YOUR_NETWORK_NAME"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="YOUR_NETWORK_PASSWORD"
}

Enterprise authentication (MSCHAPV2)

network={
ssid="YOUR_NETWORK_NAME"
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP TKIP
group=CCMP TKIP
identity="YOUR_USER_NAME"
password=hash:YOUR_PASSWORD_HASH
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}

For a thorough explanation about important keys in the settings, read [NetBeez's instruction][NetBeez].

Now, we have the authentication information ready.

Step 3. Ensure that the network interface use the authentication info

Here, you should edit /etc/network/interface. Find the section about wlan0 and replace it with one of the following configuration (again, depending on your authentication type).

Personal authentication (WPA, WPA2)

auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

Enterprise authentication (MSCHAPV2)

auto wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
	pre-up wpa_supplicant -B -Dwext -i wlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf
	post-down killall -q wpa_supplicant

Now, try bringing the network interface down and up again:

sudo ifdown wlan0
sudo up wlan0

The following error message should be ignored. It's a known bug upstream from Debian.

ioctl[SIOCSIWAP]: Operation not permitted
ioctl[SIOCSIWENCODEEXT]: Invalid argument
ioctl[SIOCSIWENCODEEXT]: Invalid argument

If there's no error, you should be able to see the wireless adapter connected with the following command

iwconfig

The output will show the SSID and other connection info.

wlan0     IEEE 802.11bgn  ESSID:"YOUR_NETWORK_NAME"  Nickname:"<WIFI@REALTEK>"
          Mode:Managed  Frequency:2.457 GHz  Access Point: XX:XX:XX:XX:XX:XX   
          Bit Rate:72.2 Mb/s   Sensitivity:0/0  
          Retry:off   RTS thr:off   Fragment thr:off

You should check if you have an IP address with the following command:

ifconfig

The wlan0 entry should have an IP address, like the following.

...
wlan0     Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX  
          inet addr:192.168.0.110  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:497 errors:0 dropped:32 overruns:0 frame:0
          TX packets:373 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:83237 (81.2 KiB)  TX bytes:60068 (58.6 KiB)
...

You should be able to ping Google.

sudo ping google.com

Step 4. Prevent the dongle from powering down

This is an optional step to prevent the dongle from powering down (resulting in periodic disconnection). Svay pointed this out in his [blog post][Svay]. First, we will add a task to periodically ping Google DNS server (8.8.8.8)

crontab-e

Add the following line at the end of file.

*/1 * * * * ping -c 1 8.8.8.

Next, we will configure the kernel driver not to power down.

sudo nano /etc/modprobe.d/8192cu.conf

Add the following line

options 8192cu rtw_power_mgnt=0 rtw_enusbss=0

All is good, now reboot you Pi.

sudo reboot
Appendix 2: Creating the hash of your password (Personal) --- You need to know your network name (SSID) and password. Then, use the following command.
wpa_passphrase YOUR_NETWORK_NAME YOUR_PASSWORD

The output would be something like following.

network={
	ssid="YOUR_NETWORK_NAME"
	#psk="YOUR_PASSWORD"
	psk=a1234e0629be38b2xxxxxxxx6db0263a1234e0629be38b2472ce72f6db027afc
}

The string after psk= is your hash. (Here, it's a1234...afc).

Don't forget to clear your history. See Appendix 3

Appendix 2: Creating the hash of your password (Enterprise) ---

The following instructions are for enterprise authentication. Use the following command, courtesy of [Duncan et al.][Duncan], to create a hash of your password.

echo -n 'YOUR_PASSWORD' | iconv -t utf16le | openssl md4

The output would be something like following.

(stdin)= a1234exxxxxxxx72f6db0263

The string after the equal sign is your hash. (Here, it's a6be0...20263).

Don't forget to clear your history. See Appendix 3

Appendix 3: Clear History ---

You should clear the history of your input which contains the password in plain text. If you don't mind wiping all history, use the following command:

history -c

Otherwise, you can delete a specific line of history. The first command below shows the tail of your history list. Note the line number that contains your password. The second command remove the history at line 400. (Replace 400 with your line number.)

history | tail
history -d 400

References

[Duncan]Duncan White, et al. wrote about keeping password in hashed form

[NetBeez]NetBeez wrote a good summary of important concepts about authentication

[Savage]savage.home.automation's guide specific for Edimax

[Svay][Svay's guide to setup wifi][http://svay.com/blog/setting-up-a-wifi-connection-on-the-raspberrypi/]

# interfaces(5) file used by ifup(8) and ifdown(8)
# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
auto lo
iface lo inet loopback
iface eth0 inet manual
#===============================================================================
# Uncomment below for WPA authentication (password-only wifi)
#===============================================================================
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
#===============================================================================
#===============================================================================
# Uncomment below for enterprise authentication
#===============================================================================
# auto wlan0
# allow-hotplug wlan0
# iface wlan0 inet dhcp
# pre-up wpa_supplicant -B -Dwext -i wlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf
# post-down killall -q wpa_supplicant
#===============================================================================
allow-hotplug wlan1
iface wlan1 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
#===============================================================================
# Use this section for enterprise authentication (e.g., eduroam or uzh)
#===============================================================================
network={
ssid="YOUR_NETWORK_NAME"
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP TKIP
group=CCMP TKIP
identity="YOUR_USER_NAME"
password=hash:YOUR_PASSWORD_HASH
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
#===============================================================================
# Use this section for password-only authentication (e.g., your typical home router)
#===============================================================================
network={
ssid="YOUR_NETWORK_NAME"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk=YOUR_PASSWORD_HASH
}

ozkalt commented Apr 13, 2017

sudo up wlan0 does not work but sudo ifup wlan0 works fine, if you have this problem, try this method to connect.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment