我使用的是 RaspberryPi 4 (4GB),我能够/etc/wpa_supplicant/wpa_supplicant.conf
正确设置所有需要的证书,以在我们公司的 wifi 上进行身份验证:
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US
fast_reauth=1
network={
ssid="WIFI-Com"
scan_ssid=1
key_mgmt=WPA-EAP IEEE8021X
pairwise=CCMP
group=CCMP
eap=TLS
identity="[email protected]"
ca_cert="/etc/cert/ca.pem"
client_cert="/etc/cert/client.pem"
private_key="/etc/cert/clientkey.pem"
}
用于wpa_supplicant -i wlan0 -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf
测试,认证完美,获取有效IP:
Successfully initialized wpa_supplicant
ioctl[SIOCSIWENCODEEXT]: Invalid argument
ioctl[SIOCSIWENCODEEXT]: Invalid argument
wlan0: Trying to associate with 00:5d:71:c9:4d:ef (SSID='WIFI-Com' freq=5320 MHz)
FT: Invalid group cipher (0)
Failed to add supported operating classes IE
wlan0: Associated with 00:5d:71:c9:4d:ef
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
tls_connection_set_params: Clearing pending SSL error: error:14187180:SSL routines:ssl_do_config:bad value
tls_connection_set_params: Clearing pending SSL error: error:14187180:SSL routines:ssl_do_config:bad value
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/DC=com/DC=company/CN=Company Certification Authority' hash=53e1f7164f972fccfa24dc5dee64e362bed56ea014995fd990c760dd873760a7
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=COM/L=NewYork/O=Company/CN=eap.comp.com' hash=d586970276d8076bd01cdbd4258452ea291d72af282fefa80fd8f8ef55e0c471
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
wlan0: PMKSA-CACHE-ADDED 00:5d:71:c9:4d:ef 0
wlan0: WPA: Key negotiation completed with 00:5d:71:c9:4d:ef [PTK=CCMP GTK=CCMP]
wlan0: CTRL-EVENT-CONNECTED - Connection to 00:5d:71:c9:4d:ef completed [id=0 id_str=]
$ ifconfig
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.128.131.109 netmask 255.255.255.0 broadcast 10.188.139.255
inet6 fe80::4665:3320:1509:a176 prefixlen 64 scopeid 0x20<link>
ether dc:a6:32:2d:3e:e2 txqueuelen 1000 (Ethernet)
RX packets 4329 bytes 1559945 (1.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5734 bytes 2019622 (1.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
如果我重新启动 Pi 并运行ps auxwww | grep wpa
它应该连接到我的 wifi,因为它使用上面给出的命令。但事实并非如此,它使用了 driver nl80211
。根据我的经验,只有使用专有的-D wext
.在哪里可以编辑-D
启动时使用的参数?
root 334 .. 0:00 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
root 440 .. 0:00 wpa_supplicant -B -c/etc/wpa_supplicant/wpa_supplicant.conf -iwlan0 -Dnl80211,wext
pi 721 .. 0:00 grep --color=auto wpa
答案1
/lib/dhcpcd/dhcpcd-hooks/10-wpa_supplicant
您只需添加即可,而不是修改
env wpa_supplicant_driver=wext
到 结束/etc/dhcpcd.conf
。
答案2
我能弄清楚。由于某种原因,它使用了nl80211
代替,wext
并且我删除了nl80211
中的每个条目/lib/dhcpcd/dhcpcd-hooks/10-wpa_supplicant
。
非常特殊的情况,也许不是常见的方式,但成功了。