WIFIMGR(8) BSD System Manager's Manual WIFIMGR(8)NAMEwifimgr — WiFi Networks Manager
SYNOPSISwifimgrDESCRIPTIONwifimgr is a GUI-based tool to manage WiFi network configuration.
wifimgr supports open networks, and secured networks using WEP, WPA-PSK
and WPA-EAP with manual password or encryption key configuration. Auto‐
matic configuration for WPS is not supported, but passwords for WPS net‐
works can be entered manually as for WPA-PSK networks.
wifimgr acts merely as an editor of the wpa_supplicant.conf(5) file.
Actual network interface configuration and management is still done by
the wpa_supplicant(8) program.
Networks in the configuration file, together with new networks found by a
scan of the WiFi interface are displayed to the user. The user may
enable/disable networks as needed, enter either passwords or EAP configu‐
ration together with a short comment, and set a connection priority. To
make use of so-called ``cloaked'' networks which do not broadcast their
SSID and which are therefore not found by the interface scan, the user
can also manually add new networks to the list using the "Add" button.
When the "Save" button is clicked, the enabled networks are written back
out to the wpa_supplicant.conf(5) file and the network interface is
restarted.
wifimgr stores each network's SSID and BSSID in the configuration file
and uses these when identifying available networks. Using the combina‐
tion allows for situations where the same SSID is repeated on a separate
network which has different password. However, this also means that on a
network with multiple access points, there must be separate entries for
that network, one for each of the BSSIDs. Since that can become
unwieldly for networks with very many access points (e.g., organization-
wide networks and also mobile phone hotspots), the "Any BSSID" checkbox
can be checked to not save this network's BSSID. Keep in mind, however,
that doing this will mean that use of a different network that happens to
use the same SSID but a different authentication scheme or password will
then not be possible.
The priority field can be used to indicate which network or access points
should be preferred over others. Higher values mean higher priority. A
special priority value of -1 allows a network to be kept in the networks
file, but it will be ignored when scanning for networks to connect to.
Since this is not a standard feature of wpa_supplicant(8), this is accom‐
plished by prepending a ``*'' to the SSID when it is saved in the file.
This is useful to avoid having to re-enter passwords and comments if a
network might be needed again later.
Since wifimgr needs to restart the network interface and edit files that
might not be writable to regular users, when wifimgr starts up, it
requests the administrator (i.e., root) password.
The wpa_supplicant.conf(5) may be edited by hand in-between uses of
wifimgr.
CONFIGURATION
A network interface must be configured for WiFi use in /etc/rc.conf.
This is best done using a configuration entry such as:
ifconfig_wlan0="WPA DHCP"
using the appropriate interface name.
WIFI SECURITY
WiFi networks can operate with several security methods.
Security can be off. This is known as an open, plaintext or insecure
network. All packets broadcast over the network can be intercepted by
others and their contents examined. Networks in public places such as
airports and hotels are often open networks. Such networks can still be
used securely, but it is up to each application to provide its own secu‐
rity and it is up to the user to confirm, before each network use, that
application security is in use. ssh, https and PGP email are examples of
applications offering security themselves.
Early WiFi security was done using WEP, Wired Equivalent Privacy. WEP
uses a shared password to encrypt all data transmissions. Unfortunately,
the encryption technique used by WEP was easily cracked and software to
do this is widely available.
A replacement to WEP known as WPA, or WiFi Protected Access, has become
more widely used today. However, due to the urgency with which it was
needed, some vendors implemented it before the standards were completely
approved. This has led to there being several variants of WPA. Early
implementations are known as WPA networks. Once the standard was
approved, it was renamed to RSN, or Robust Secure Network also often
referred to as WPA2.
Both WPA and RSN offer several security models. Home users and small
businesses might use a shared access key, known as a pre-shared key
(PSK). Depending on the access point's capabilities, there can be a sin‐
gle PSK for all users or a separate PSK for each user. Larger enter‐
prises might use more complex key management schemes by means of
RSN/WPA's extensible authentication protocol (EAP). EAP typically
requires large keys and certificates stored in files.
All WiFi security was developed by the IEEE 802.11 Working Group. WEP
was the original IEEE 802.11 standard. WPA was the later IEEE 802.11i
draft 3 standard. RSN is the finalized IEEE 802.11i standard.
The security being used on a network is set in the access point configu‐
ration. wifimgr detects what security is available on a network and
prompts the user for suitable configuration to use it.
GUI SUPPORTwifimgr was originally written for users of the XFce4 window manager but
it will work in any environment with the GTK+ libraries installed.
ENVIRONMENT
TMPDIR directory where temporary files are written (default: "/tmp")
FILES
/etc/rc.conf system configuration file for configura‐
tion of WiFi interface
/etc/wpa_supplicant.conf networks configuration file
/etc/wpa_supplicant.conf.save backup of any wpa_supplicant.conf that
contains directives unknown to wifimgrSEE ALSOrc.conf(5), wpa_supplicant(8), wpa_supplicant.conf(5).
HISTORY
The wifimgr tool first appeared in FreeBSD 8.0.
AUTHOR
J.R. Oldroyd, Open Advisors Limited ⟨fbsd@opal.com⟩.
BSD October 30, 2009 BSD
