[CentOS-es] Configuración de seguridad de mi conexión wireles con WPA

Muy buenas tardes, he pasado un buen rato tratando de configurar mi dispositivo wireles intel 3945abg y he logrado hacerlo funcionar descargando los paquetes necesarios.. pero ahora necesito que esa conexión sea segura, para lo cual el access point esta configurado con wpa-psk con encripcion tkip, trato de realizar la configuración en el archivo /etc/wpa_supplicant/wpa_supplicant.conf

/*************************************************************************/ wpa_supplicant.conf /*************************************************************************/ ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel network={ scan_ssid=1 ssid="cartman-network" key_mgmt=WPA-PSK proto=WPA psk=8e0de13fd65abcaf4e5ba959612e95739709cf41df23a7067fc51b3adf990a8d } /*************************************************************************/ El valor para psk lo genere mediante el comando wpa_passphrase

Luego de esto intento activar mi interfaz de red que se encuentra configurada de la siguiente forma:

/*************************************************************************/ ifcfg-eth1 /*************************************************************************/ # Please read /usr/share/doc/initscripts-*/sysconfig.txt # for the documentation of these parameters. TYPE=Wireless DEVICE=eth1 HWADDR=00:19:d2:8a:1c:30 BOOTPROTO=dhcp NETMASK= DHCP_HOSTNAME= IPADDR= DOMAIN= ONBOOT=yes USERCTL=no IPV6INIT=no PEERDNS=yes AP=00:19:5B:E7:03:30 MODE=Auto ESSID=cartman-network CHANNEL=6 RATE='54 Mb/s' DEFAULTKEY=1 KEY=8e0de13fd65abcaf4e5ba959612e95739709cf41df23a7067fc51b3adf990a8d SECURITYMODE=on /*************************************************************************/

se presenta esto en la consola

/*************************************************************************/ Activando interfaz eth1: Determinando la información IP para eth1...PING 205.205.205.5 (205.205.205.5) from 205.205.205.1 eth1: 56(84) bytes of data.

--- 205.205.205.5 ping statistics --- 4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2999ms , pipe 3 falló. [FALLÓ] [root@centos5-cartman ~]# /*************************************************************************/

y se muestra el siguiente log en el /var/log/messages

/*************************************************************************/ Nov 12 12:48:24 centos5-cartman kernel: ADDRCONF(NETDEV_UP): eth1: link is not ready Nov 12 12:48:25 centos5-cartman kernel: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready Nov 12 12:48:25 centos5-cartman dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67 Nov 12 12:48:27 centos5-cartman avahi-daemon[2914]: New relevant interface eth1.IPv6 for mDNS. Nov 12 12:48:27 centos5-cartman avahi-daemon[2914]: Joining mDNS multicast group on interface eth1.IPv6 with address fe80::219:d2ff:fe8a:1c30. Nov 12 12:48:27 centos5-cartman avahi-daemon[2914]: Registering new address record for fe80::219:d2ff:fe8a:1c30 on eth1. Nov 12 12:48:32 centos5-cartman dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67 Nov 12 12:48:41 centos5-cartman dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 7 Nov 12 12:48:48 centos5-cartman dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 9 Nov 12 12:48:57 centos5-cartman dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 11 Nov 12 12:49:08 centos5-cartman dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 19 Nov 12 12:49:27 centos5-cartman dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 11 Nov 12 12:49:38 centos5-cartman dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 4 Nov 12 12:49:42 centos5-cartman dhclient: No DHCPOFFERS received. Nov 12 12:49:42 centos5-cartman dhclient: Trying recorded lease 205.205.205.1 Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: New relevant interface eth1.IPv4 for mDNS. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Joining mDNS multicast group on interface eth1.IPv4 with address 205.205.205.1. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Registering new address record for 205.205.205.1 on eth1. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Withdrawing address record for 205.205.205.1 on eth1. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Leaving mDNS multicast group on interface eth1.IPv4 with address 205.205.205.1. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: iface.c: interface_mdns_mcast_join() called but no local address available. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Interface eth1.IPv4 no longer relevant for mDNS. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: New relevant interface eth1.IPv4 for mDNS. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Joining mDNS multicast group on interface eth1.IPv4 with address 205.205.205.1. Nov 12 12:49:42 centos5-cartman avahi-daemon[2914]: Registering new address record for 205.205.205.1 on eth1. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: Withdrawing address record for 205.205.205.1 on eth1. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: Leaving mDNS multicast group on interface eth1.IPv4 with address 205.205.205.1. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: iface.c: interface_mdns_mcast_join() called but no local address available. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: Interface eth1.IPv4 no longer relevant for mDNS. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: Interface eth1.IPv6 no longer relevant for mDNS. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: Leaving mDNS multicast group on interface eth1.IPv6 with address fe80::219:d2ff:fe8a:1c30. Nov 12 12:49:45 centos5-cartman avahi-daemon[2914]: Withdrawing address record for fe80::219:d2ff:fe8a:1c30 on eth1. /*************************************************************************/

entonces ejecuto el siguiente comando para probar la conectividad del wpa_supplicant

wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -ieth1 -d

se muestra lo siguiente: /*************************************************************************/ Initializing interface 'eth1' conf '/etc/wpa_supplicant/wpa_supplicant.conf' driver 'default' ctrl_interface 'N/A' Configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' -> '/etc/wpa_supplicant/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' ctrl_interface_group=10 (from group name 'wheel') Priority group 0 id=0 ssid='cartman-network' Initializing interface (2) 'eth1' EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: KEY_RX entering state NO_KEY_RECEIVE EAPOL: SUPP_BE entering state INITIALIZE EAP: EAP entering state DISABLED EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 SIOCGIWRANGE: WE(compiled)=20 WE(source)=16 enc_capa=0xf capabilities: key_mgmt 0xf enc 0xf Own MAC address: 00:19:d2:8a:1c:30 wpa_driver_hostap_set_wpa: enabled=1 wpa_driver_hostap_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 Failed to set encryption. wpa_driver_hostap_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 Failed to set encryption. wpa_driver_hostap_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 Failed to set encryption. wpa_driver_hostap_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 Failed to set encryption. wpa_driver_hostap_set_countermeasures: enabled=0 wpa_driver_hostap_set_drop_unencrypted: enabled=1 Setting scan request: 0 sec 100000 usec Added interface eth1 Wireless event: cmd=0x8b06 len=8 RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added State: DISCONNECTED -> SCANNING Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=15): 63 61 72 74 6d 61 6e 2d 6e 65 74 77 6f 72 6b cartman-network Failed to initiate AP scan. Setting scan request: 10 sec 0 usec RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:19:5b:e7:03:30 State: SCANNING -> ASSOCIATED Associated to a new BSS: BSSID=00:19:5b:e7:03:30 No keys have been configured - skip key clearing Network configuration found for the current AP WPA: No WPA/RSN IE available from association info WPA: Set cipher suites based on configuration WPA: Selected cipher suites: group 30 pairwise 24 key_mgmt 2 WPA: clearing AP WPA IE WPA: clearing AP RSN IE WPA: using GTK CCMP WPA: using PTK CCMP WPA: using KEY_MGMT WPA-PSK WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02 EAPOL: External notification - EAP success=0 EAPOL: External notification - EAP fail=0 EAPOL: External notification - portControl=Auto Associated with 00:19:5b:e7:03:30 WPA: Association event - clear replay counter EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 EAPOL: External notification - EAP success=0 EAPOL: External notification - portEnabled=1 EAPOL: SUPP_PAE entering state CONNECTING EAPOL: SUPP_BE entering state IDLE Setting authentication timeout: 10 sec 0 usec RX EAPOL from 00:19:5b:e7:03:30 Setting authentication timeout: 10 sec 0 usec IEEE 802.1X RX: version=1 type=3 length=95 EAPOL-Key type=254 WPA: ignoring 8 bytes after the IEEE 802.1X data WPA: CCMP is used, but EAPOL-Key descriptor version (1) is not 2. EAPOL: startWhen --> 0 EAPOL: SUPP_PAE entering state CONNECTING EAPOL: txStart WPA: drop TX EAPOL in non-IEEE 802.1X mode (type=1 len=0) Scan timeout - try to get results Received 261 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:19:5b:e7:03:30 ssid='cartman-network' wpa_ie_len=24 rsn_ie_len=0 caps=0x11 selected based on WPA IE Already associated with the selected AP. Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:00:00:00:00:00 Setting scan request: 0 sec 100000 usec Added BSSID 00:19:5b:e7:03:30 into blacklist State: ASSOCIATED -> DISCONNECTED EAPOL: External notification - portEnabled=0 EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: SUPP_BE entering state INITIALIZE EAPOL: External notification - portValid=0 EAPOL: External notification - EAP success=0 ....... /*************************************************************************/

De lo cual puedo observar la linea

No keys have been configured - skip key clearing

Al parecer la llave no esta bien configurada.. donde esta el errror?

Gracias.