本文描述了如何在Debian系统上配置WiFi网口,从而连接无线网络。This page describes how to configure a WiFi interface on a Debian system, for use on a network.
目录
如果你的无线设备拥有一个可用的接口(使用iwconfig来验证),就有必要配置它并使之连上网络。如果你并没有发现无线接口,请参考 WiFi 来获得对应设备的驱动程序的信息。
Wireless network interface configuration can be performed using a connection manager (such as NetworkManager) or through Debian's /etc/network/interfaces file with a special purpose utility (such as wpa_supplicant). Examples of NetworkManager and wpa_supplicant configuration are described below. 无线网络接口的配置可以通过连接管理器(如 NetworkManager )或者 Debian 系统的配置文件/etc/network/interfaces 及特定的工具程序(如wpa_supplicant)来实现。使用NetworkManager 和 wpa_supplicant 来配置的例子参见下面的描述。
The WEP algorithm is insecure and deprecated by WPA. Use of WEP is not recommended and is not covered within this document. 注意 WEP 算法并不安全,WPA不建议使用。本文没有涉及到使用 WEP 的内容,也不推荐使用。
NetworkManager is configured through graphical interfaces, which are available for GNOME and KDE. Your wireless interface should not be referenced within Debian's /etc/network/interfaces file. 网络管理器作为任何一个前端管理包依赖的组件被引入进来,它可以通过 GNOME 和 KDE 图形界面来配置。不要在你 Debian 系统的/etc/network/interfaces文件内指引你的无线接口。
NetworkManager is also a front-end for wpa_supplicant. 网络管理器同样也是 wpa_supplicant 的前端处理器。 === GNOME === 对于GNOME
Ensure your user account is a member of the netdev group.
确认你的用户账号属于 netdev 组
Install the network-manager-gnome package:
安装debian包network-manager-gnome
$ su # aptitude update # aptitude install network-manager-gnome
See the NetworkManager page for frequently asked questions, documentation and support references.
Ensure your user account is a member of the netdev group.
Install the network-manager-kde package:
$ su # aptitude update # aptitude install network-manager-kde
See the NetworkManager page for frequently asked questions, documentation and support references.
The network-manager-kde package will work for icewm and Xfce too
wicd (Wireless Interface Connection Daemon) is an alternative to NetworkManager. It is environment independent, making it a perfect replacement for other desktop environments (e.g. Xfce, LXDE, Fluxbox, etc.). Like NetworkManager, wicd is configured via a graphical interface. Your wireless interface should not be referenced within Debian's /etc/network/interfaces file.
Lenny users: wicd is not included in Lenny, but is available as a backported package. Configure /etc/apt/sources.list as explained in the Backports page before continuing.
Update the list of available packages and install the wicd package:
$ su # aptitude update # aptitude install wicd
Amend /etc/network/interfaces to contain only the following:
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback
If not already performed, add your regular user account to the netdev group and reload DBus:
# adduser yourusername netdev # /etc/init.d/dbus reload
Start the wicd daemon:
# /etc/init.d/wicd start
Start the wicd GUI with your regular user account:
# exit $ wicd-client -n
See also wicd frequently asked questions.
wpa_supplicant is a WPA client and IEEE 802.1X supplicant.
The wpasupplicant package provides wpa-* ifupdown options for /etc/network/interfaces. If these options are specified, wpa_supplicant is started in the background when your wireless interface is raised and stopped when brought down.
Before continuing, install the wpasupplicant package:
$ su # aptitude update # aptitude install wpasupplicant
Restrict the permissions of /etc/network/interfaces, to prevent pre-shared key (PSK) disclosure:
# chmod 0600 /etc/network/interfaces
Open /etc/network/interfaces in a text editor:
# sensible-editor /etc/network/interfaces
Define appropriate stanzas for your wireless interface, along with the SSID and PSK. For example:
auto wlan0 iface wlan0 inet dhcp wpa-ssid mynetworkname wpa-psk mysecretpassphraseThe "auto" stanza will bring your interface up at system startup. If not desired, remove or comment this line.
Bring your interface up. This will start wpa_supplicant as a background process.
# ifup wlan0
Additional wpa-* options are described within /usr/share/doc/wpasupplicant/README.modes.gz. This should also be read if connecting to a network not broadcasting its SSID.
For general /etc/network/interfaces information, see the interfaces(5) man page.
For networks using EAP-TLS, you are required to establish a wpa_supplicant configuration file and provide the client-side certificate. An example WPA2-EAP configuration file can be found at /usr/share/doc/wpasupplicant/examples/wpa2-eap-ccmp.conf.
Once available, reference your configuration file in /etc/network/interfaces. For example:
auto wlan0 iface wlan0 inet dhcp wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
More information can be found in the wpa_supplicant.conf(5) man page. A fully-commented wpa_supplicant configuration file example is at /usr/share/doc/wpasupplicant/README.wpa_supplicant.conf.gz.
To switch between multiple distinct configurations:
GNOME users should use "Menu System > Administration > Network". (n.b. this doesn't work in etch)
use logical interfaces, as
iface wlan_home inet dhcp wpa-ssid mynetworkname wpa-psk mysecretpassphrase
# ifup wlan0=wlan_home
use ifscheme, see the example configuration at alwayssunny.com.
You can use guessnet(8) to switch profiles automatically by your location. Tutorial here.
Every member of a network can listen to other members' traffic. (whether it's an unencrypted public hot-spot, or a WEP/WPA/WPA2, or LAN). Use SSL/TLS protocols (https, imaps...) or VPN to preserve your privacy.
WPA 1 is deprecated. Use WPA2 instead.
Make sure you use strong pass-phrase.
Network security, see: http://www.aircrack-ng.org/doku.php?id=tutorial.
WiFi/AdHoc - Establishing a WiFi network without an access point.
联系客服