Skip to content

Instantly share code, notes, and snippets.

@penguinpowernz penguinpowernz/
Last active Jul 12, 2019

What would you like to do?
WPA CLI commands
command args description
status [verbose] get current WPA/EAPOL/EAP status
ifname get current interface name
ping pings wpa_supplicant
relog re-open log-file (allow rolling logs)
note <text> add a note to wpa_supplicant debug log
mib get MIB variables (dot1x, dot11)
help [command] show usage help
interface [ifname] show interfaces/select interface
level <debug level> change debug level
license show full wpa_cli license
quit exit wpa_cli
set set variables (shows list of variables when run without arguments)
dump dump config variables
get <name> get information
logon IEEE 802.1X EAPOL state machine logon
logoff IEEE 802.1X EAPOL state machine logoff
pmksa show PMKSA cache
pmksa_flush flush PMKSA cache entries
reassociate force reassociation
reattach force reassociation back to the same BSS
preauthenticate <BSSID> force preauthentication
identity <network id> <identity> configure identity for an SSID
password <network id> <password> configure password for an SSID
new_password <network id> <password> change password for an SSID
pin <network id> <pin> configure pin for an SSID
otp <network id> <password> configure one-time-password for an SSID
passphrase <network id> <passphrase> configure private key passphrase for an SSID
sim <network id> <pin> report SIM operation result
bssid <network id> <BSSID> set preferred BSSID for an SSID
blacklist <BSSID> add a BSSID to the blacklist
blacklist clear clear the blacklist
blacklist display the blacklist
log_level <level> [<timestamp>] update the log level/timestamp
log_level display the current log level and log options
list_networks list configured networks
select_network <network id> select a network (disable others)
enable_network <network id> enable a network
disable_network <network id> disable a network
add_network add a network
remove_network <network id> remove a network
set_network <network id> <variable> <value> set network variables (shows list of variables when run without arguments)
get_network <network id> <variable> get network variables
dup_network <src network id> <dst network id> <variable> duplicate network variables
list_creds list configured credentials
add_cred add a credential
remove_cred <cred id> remove a credential
set_cred <cred id> <variable> <value> set credential variables
get_cred <cred id> <variable> get credential variables
save_config save the current configuration
disconnect disconnect and wait for reassociate/reconnect command before connecting
reconnect like reassociate, but only takes effect if already disconnected
scan request new BSS scan
scan_results get latest scan results
bss `<idx bssid>`
get_capability <eap/pairwise/group/key_mgmt/proto/auth_alg/channels/freq/modes> get capabilies
reconfigure force wpa_supplicant to re-read its configuration file
terminate terminate wpa_supplicant
interface_add <ifname> <confname> <driver> <ctrl_interface> <driver_param> <bridge_name> adds new interface, all parameters but <ifname> are optional
interface_remove <ifname> removes the interface
interface_list list available interfaces
ap_scan <value> set ap_scan parameter
scan_interval <value> set scan_interval parameter (in seconds)
bss_expire_age <value> set BSS expiration age parameter
bss_expire_count <value> set BSS expiration scan count parameter
bss_flush <value> set BSS flush age (0 by default)
stkstart <addr> request STK negotiation with <addr>
ft_ds <addr> request over-the-DS FT with <addr>
wps_pbc [BSSID] start Wi-Fi Protected Setup: Push Button Configuration
wps_pin <BSSID> [PIN] start WPS PIN method (returns PIN, if not hardcoded)
wps_check_pin <PIN> verify PIN checksum
wps_cancel Cancels the pending WPS operation
wps_nfc [BSSID] start Wi-Fi Protected Setup: NFC
wps_nfc_config_token `<WPS NDEF>`
wps_nfc_token `<WPS NDEF>`
wps_nfc_tag_read <hexdump of payload> report read NFC tag with WPS data
nfc_get_handover_req <NDEF> <WPS> create NFC handover request
nfc_get_handover_sel <NDEF> <WPS> create NFC handover select
nfc_report_handover <role> <type> <hexdump of req> <hexdump of sel> report completed NFC handover
wps_reg <BSSID> <AP PIN> start WPS Registrar to configure an AP
wps_ap_pin [params..] enable/disable AP PIN
wps_er_start [IP address] start Wi-Fi Protected Setup External Registrar
wps_er_stop stop Wi-Fi Protected Setup External Registrar
wps_er_pin <UUID> <PIN> add an Enrollee PIN to External Registrar
wps_er_pbc <UUID> accept an Enrollee PBC using External Registrar
wps_er_learn <UUID> <PIN> learn AP configuration
wps_er_set_config <UUID> <network id> set AP configuration for enrolling
wps_er_config <UUID> <PIN> <SSID> <auth> <encr> <key> configure AP
wps_er_nfc_config_token <WPS/NDEF> <UUID> build NFC configuration token
ibss_rsn <addr> request RSN authentication with <addr> in IBSS
sta <addr> get information about an associated station (AP)
all_sta get information about all associated stations (AP)
deauthenticate <addr> deauthenticate a station
disassociate <addr> disassociate a station
chan_switch `<cs_count> [sec_channel_offset=] [center_freq1=] [center_freq2=] [bandwidth=] [blocktx] [ht vht]`
suspend notification of suspend/hibernate
resume notification of resume/thaw
roam <addr> roam to the specified BSS
p2p_find [timeout] [type=*] find P2P Devices for up-to timeout seconds
p2p_stop_find stop P2P Devices search
p2p_asp_provision <addr> adv_id=<adv_id> conncap=<conncap> [info=<infodata>] provision with a P2P ASP Device
p2p_asp_provision_resp <addr> adv_id=<adv_id> [role<conncap>] [info=<infodata>] provision with a P2P ASP Device
p2p_connect ` <"pbc" PIN> [ht40]`
p2p_listen [timeout] listen for P2P Devices for up-to timeout seconds
p2p_group_remove <ifname> remove P2P group interface (terminate group if GO)
p2p_group_add [ht40] add a new P2P group (local end as GO)
p2p_prov_disc <addr> <method> request provisioning discovery
p2p_get_passphrase get the passphrase for a group (GO only)
p2p_serv_disc_req <addr> <TLVs> schedule service discovery request
p2p_serv_disc_cancel_req <id> cancel pending service discovery request
p2p_serv_disc_resp <freq> <addr> <dialog token> <TLVs> service discovery response
p2p_service_update indicate change in local services
p2p_serv_disc_external <external> set external processing of service discovery
p2p_service_flush remove all stored service entries
p2p_service_add `<bonjour upnp
p2p_service_rep asp <auto> <adv_id> <svc_state> <svc_string> [<svc_info>] replace local ASP service
p2p_service_del `<bonjour upnp> <query
p2p_reject <addr> reject connection attempts from a specific peer
p2p_invite <cmd> [peer=addr] invite peer
p2p_peers [discovered] list known (optionally, only fully discovered) P2P peers
p2p_peer <address> show information about known P2P peer
p2p_set <field> <value> set a P2P parameter
p2p_flush flush P2P state
p2p_cancel cancel P2P group formation
p2p_unauthorize <address> unauthorize a peer
p2p_presence_req [<duration> <interval>] [<duration> <interval>] request GO presence
p2p_ext_listen [<period> <interval>] set extended listen timing
p2p_remove_client `<address iface=address>`
wfd_subelem_set <subelem> [contents] set Wi-Fi Display subelement
wfd_subelem_get <subelem> get Wi-Fi Display subelement
sta_autoconnect <0/1> disable/enable automatic reconnection
tdls_discover <addr> request TDLS discovery with <addr>
tdls_setup <addr> request TDLS setup with <addr>
tdls_teardown <addr> tear down TDLS with <addr>
wmm_ac_addts <uplink/downlink/bidi> <tsid=0..7> <up=0..7> [nominal_msdu_size=#] [mean_data_rate=#] [min_phy_rate=#] [sba=#] [fixed_nominal_msdu] add WMM-AC traffic stream
wmm_ac_delts <tsid> delete WMM-AC traffic stream
wmm_ac_status show status for Wireless Multi-Media Admission-Control
tdls_chan_switch ` [sec_channel_offset=] [center_freq1=] [center_freq2=] [bandwidth=] [ht vht]`
tdls_cancel_chan_switch <addr> disable channel switching with TDLS peer <addr>
signal_poll get signal parameters
pktcnt_poll get TX/RX packet counters
reauthenticate trigger IEEE 802.1X/EAPOL reauthentication
autoscan [params] Set or unset (if none) autoscan parameters
wnm_sleep <enter/exit> [interval=#] enter/exit WNM-Sleep mode
wnm_bss_query <query reason> Send BSS Transition Management Query
raw <params..> Sent unprocessed command
flush flush wpa_supplicant state
radio_work radio_work <show/add/done>
vendor <vendor id> <command id> [<hex formatted command argument>] Send vendor command
neighbor_rep_request [ssid=<SSID>] Trigger request to AP for neighboring AP report (with optional given SSID, default: current SSID)
erp_flush flush ERP keys
mac_rand_scan `<scan sched
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.