Wpa supplicant: Difference between revisions
imported>Rasmus-kirk m Fixed mac spoofing code |
imported>Rasmus-kirk Fixed mac spoofing |
||
| Line 47: | Line 47: | ||
Since there is no option to randomize your MAC address for wpa supplicant, you can instead create your own service using GNU's macchanger: | Since there is no option to randomize your MAC address for wpa supplicant, you can instead create your own service using GNU's macchanger: | ||
<syntaxHighlight lang=nix> | <syntaxHighlight lang=nix> | ||
systemd.services.macchanger = { | let | ||
change-mac = pkgs.writeShellScript "change-mac" '' | |||
card=$1 | |||
tmp=$(mktemp) | |||
${pkgs.macchanger}/bin/macchanger "$card" -s | grep -oP "[a-zA-Z0-9]{2}:[a-zA-Z0-9]{2}:[^ ]*" > "$tmp" | |||
mac1=$(cat "$tmp" | head -n 1) | |||
mac2=$(cat "$tmp" | tail -n 1) | |||
if [ "$mac1" = "$mac2" ]; then | |||
if [ "$(cat /sys/class/net/"$card"/operstate)" = "up" ]; then | |||
${pkgs.iproute2}/bin/ip link set "$card" down && | |||
macchanger -r "$card" | |||
${pkgs.iproute2}/bin/ip link set "$card" up | |||
else | |||
${pkgs.macchanger}/bin/macchanger -r "$card" | |||
fi | |||
fi | |||
''; | |||
in | |||
systemd.services.macchanger = { | |||
enable = true; | |||
description = "macchanger on wlan0"; | |||
wants = [ "network-pre.target" ]; | |||
before = [ "network-pre.target" ]; | |||
bindsTo = [ "sys-subsystem-net-devices-wlan0.device" ]; | |||
after = [ "sys-subsystem-net-devices-wlan0.device" ]; | |||
wantedBy = [ "multi-user.target" ]; | |||
serviceConfig = { | |||
Type = "oneshot"; | |||
ExecStart = "${change-mac} wlan0"; | |||
}; | |||
}; | }; | ||
</syntaxHighlight> | </syntaxHighlight> | ||
Where you need to change the <code> | Where you need to change the <code>wlan0</code> with your own wifi network interface. You can list your interfaces by running <code>ip link</code>, your wifi network interface should have "wl" prepended. Note that the above snippet fully randomizes your MAC address, for more information you can read macchanger's manpage. This obviously requires you to have the <code>macchanger</code> package installed. | ||
== External links == | == External links == | ||
[https://www.stura.htw-dresden.de/stura/ref/hopo/dk/nachrichten/eduroam-meets-nixos (german) article ''eduroam meets NixOS'' (with configuration)] (instance ''University of Applied Sciences Dresden'': The [https://cat.eduroam.org/?idp=5106&profile=5098 eduroam installer for GNU/Linux] works [https://www.htw-dresden.de/en/university/organisation/it-service-centre/services-for-workplace-and-communication/wi-fi-/-wlan/eduroam/linux for example for Ubuntu] but not [[NixOS]]) | [https://www.stura.htw-dresden.de/stura/ref/hopo/dk/nachrichten/eduroam-meets-nixos (german) article ''eduroam meets NixOS'' (with configuration)] (instance ''University of Applied Sciences Dresden'': The [https://cat.eduroam.org/?idp=5106&profile=5098 eduroam installer for GNU/Linux] works [https://www.htw-dresden.de/en/university/organisation/it-service-centre/services-for-workplace-and-communication/wi-fi-/-wlan/eduroam/linux for example for Ubuntu] but not [[NixOS]]) | ||
Revision as of 09:19, 15 February 2022
General
wpa_supplicant can be enabled on NixOS with networking.wireless.enable = true.
Extra configuration can be specified inside networking.wireless.extraConfig.
wpa_supplicant_gui
To be able to use wpa_gui or wpa_cli as user put the following in your configuration.nix file:
networking.wireless.userControlled.enable = true;
Also your user must be part of the wheel group (replace USER with your username):
users.extraUsers.USER.extraGroups = [ "wheel" ];
Using wpa_supplicant from within the configuration file
You can configure your networks with the option networks. You have to fill the name(s) of your wifi(s) after the option and the preshared-key(s) (usually called psk). If you do not want to have your secret key in plaintext, you can use pskRaw, generated with wpa_passphrase SSID password. An example of using networks :
networking.wireless.networks.Wifi_name.pskRaw = "pskRaw generated";
If you have multiple networks, and you want to set the priority, you can use networking.wireless.networks.Wifi_name.priority = <value>;
Switching Network
From the shell terminal, use the wpa_cli command line tool and specify the network interface device with -g
wpa_cli -g /run/wpa_supplicant/wlp3s0
list_network
select_network 2
As a means to debug if things are working, open another terminal and examine the logs by:
journalctl -u wpa_supplicant -f
MAC spoofing
Since there is no option to randomize your MAC address for wpa supplicant, you can instead create your own service using GNU's macchanger:
let
change-mac = pkgs.writeShellScript "change-mac" ''
card=$1
tmp=$(mktemp)
${pkgs.macchanger}/bin/macchanger "$card" -s | grep -oP "[a-zA-Z0-9]{2}:[a-zA-Z0-9]{2}:[^ ]*" > "$tmp"
mac1=$(cat "$tmp" | head -n 1)
mac2=$(cat "$tmp" | tail -n 1)
if [ "$mac1" = "$mac2" ]; then
if [ "$(cat /sys/class/net/"$card"/operstate)" = "up" ]; then
${pkgs.iproute2}/bin/ip link set "$card" down &&
macchanger -r "$card"
${pkgs.iproute2}/bin/ip link set "$card" up
else
${pkgs.macchanger}/bin/macchanger -r "$card"
fi
fi
'';
in
systemd.services.macchanger = {
enable = true;
description = "macchanger on wlan0";
wants = [ "network-pre.target" ];
before = [ "network-pre.target" ];
bindsTo = [ "sys-subsystem-net-devices-wlan0.device" ];
after = [ "sys-subsystem-net-devices-wlan0.device" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${change-mac} wlan0";
};
};
Where you need to change the wlan0 with your own wifi network interface. You can list your interfaces by running ip link, your wifi network interface should have "wl" prepended. Note that the above snippet fully randomizes your MAC address, for more information you can read macchanger's manpage. This obviously requires you to have the macchanger package installed.
External links
(german) article eduroam meets NixOS (with configuration) (instance University of Applied Sciences Dresden: The eduroam installer for GNU/Linux works for example for Ubuntu but not NixOS)