Hi, On Fri, Oct 07, 2011 at 01:55:29PM +0200, Stefan Lippers-Hollmann wrote: > On Friday 07 October 2011, Sebastian Harl wrote: > > On Tue, Oct 04, 2011 at 04:47:08PM +0200, Stefan Lippers-Hollmann wrote: > > > On Tuesday 04 October 2011, Sebastian Harl wrote: > > > [...] > > > > > > > > it would be nice to be able to let wpa-supplicant query for PSKs / > > > > passphrases / whatever when configuring a network in interfaces(5). This > > > > is useful, for example, on shared notebooks or similar. > > > > > > > > The attached patch allows to specify 'wpa-ask-pass yes' or 'wpa-ask-psk > > > > yes' in interfaces(5). The passphrase / PSK will then be read from stdin > > > > when running 'ifup <iface>'. > > > > > > How do you imagine this to work, especially considering the auto/ allow > > > hotplug cases in /etc/network/interfaces (ifupdown integration)? > > > > Hrm, my use-case is using 'ifup' manually once the system is up. Since > > there is no (native) support for auto-detection (afaik) of wireless > > networks, I'd imagine that I'm not the only one doing it that way. (This > > is unless you're using stuff like NM or wicd -- but in those cases my > > approach is not needed anyway. In fact it's my preferred replacement for > > those tools, which allows me to have full control over what is > > happening.) > > Did you try a roaming setup with wpasupplicant? […] > This allows automatic roaming and handover without n-m, wicd, etc., > further info about possible configuration options is under > /usr/share/doc/wpasupplicant/ and /usr/share/doc/wpasupplicant/examples
Oh, I didn't know about that so far. Sounds great, though :-) Thanks! > The remaining use case is so specialized: > > - must not use auto/ allow-hotplug in /e/n/i > - using a controlling terminal, ideally with X access, in an > interactive way is mandatory > - ESSID (usually short) is fixed, but the psk (hopefully long and > complex, 63 characters ASCII or 64 hexadecimal digits) needs to be > typed every time > > that I personally don't consider this to be a viable option for the > wpasupplicant packages in Debian, because potential users will expect > it to work with auto/ allow-hotplug on boot (similar to booting from an > encrypted rootfs). While I think this could be handled by a note in the documentation, this might still cause some unnecessary noise by users not reading the documentation (I've been told such people exist ;-)). So, please feel free to close the bug or tag it wontfix (I'll leave that up to you, else I'd have closed the bug already). > > > For this particular use case of not storing a psk to disk, wouldn't it > > > be easier to use wpa_cli or wpa_gui instead, or to make use of a higher > > > level networking interface (e.g. network-manager, wicd, or a simple > > > custom tools or dæmon making use of wpasupplicant's D-Bus interface)? > > > > Well, I don't like NM, wicd or other stuff doing certain kinds of magic > > in the background. That's why I like being able to define logical > > interfaces in interfaces(5) and decide on my own, which configuration to > > use. Imho, that's the easiest approach to solving my use case. > > I don't like those either, less because of their "magic", but rather > because of their dependencies (D-Bus) and what I consider massive bugs > (not configurable without X or in and editor, connections might drop > on upgrade (lovely, if you're upgrading over ssh/ wlan, etc. pp.) Ack! Those are some more reasons not to use them ;-) Thanks for your detailed and fast feedback! Cheers, Sebastian -- Sebastian "tokkee" Harl +++ GnuPG-ID: 0x8501C7FC +++ http://tokkee.org/ Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin
signature.asc
Description: Digital signature
