wpa_supplicant and dhclient.
Dan Williams
dcbw
Fri Mar 4 22:47:26 PST 2011
On Tue, 2011-03-01 at 12:40 +0000, Martinsson Patrik wrote:
> Hello,
>
> We use 802.X authentication with certificates stored on smart card,
> this seems to be working with wpa_supplicant, however I'm a bit
> confused when it comes to wpa_supplicant and the (if any) relation
> with dhclient.
>
> Today we use NetworkManager to handle the connections, however NM is
> not able to pass the needed pkcs11 options to wpa_supplicant, and
> therefore I'm currently trying to use wpa_supplicant in "standalone"
> mode.
That can be fixed; the patches that Ubuntu carries aren't the right
solution to the issue; it should get fixed for real. The problem is
that everyone has different PKCS#11 providers, and making sure that UI
is correct is kinda hard. Nobody's stepped up yet. If you're willing
to work through some of the design issues, we can possibly move forward
on that front... which would be good, it kinda got dropped.
Dan
> So the procedure today is basically,
> - Stop NM.
> - Stop dhclient (started by NM)
> - Stop wpa_supplicant (started by NM)
> - Start wpa_supplicant
> - Start wpa_gui to connect and enter pin.
> - Start dhclient on the interface we just brought up.
>
> This feels rather messy, although as a sysadmin you can live with it,
> however as a regular user you can not.
>
> Basically I have two questions,
> - Since dhclient already is started by NM with dbussupport, why cant
> wpa_supplicant/gui talk to dhclient and request an ip when a
> successful connection is made, should I manually have to start
> dhclient whenever I've connected through wpa_supplicant, or am I
> missing something ?
> - Does anybody have any suggestions at all how to make this easy and
> workable for a regular user ?
>
> We use Rhel 6.
> It's a shame that NM can't handle certificates stored on smart cards -
> that would have been the ultimate solution.
>
> Patrik Martinsson
>
> ITi
>
> SMHI
> Telefon 011 - 495 84 17 Fax 011 - 495 83 50
> Mobil 011 - 495 84 17 Epost Patrik.Martinsson at smhi.se
> 601 76 Norrk?ping Bes?ksadress Folkborgsv?gen 1
> www.smhi.se
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list