分類: 樹莓派物聯網

樹莓派 Raspberry Pi 設定無線網路 WiFi AP,打造無線 IP 分享器

hostapd 服務

要藉由 USB 無線網路卡建立一個 AP(access point),還需要安裝 hostapd 這個 daemon。

安裝 hostapd

sudo apt-get install hostapd

建立 /etc/hostapd/hostapd.conf 設定檔,我們可以從 /usr/share/doc/hostapd/examples/hostapd.conf.gz 這個範例檔開始修改。

interface 設定為 wlan0

# AP netdevice name (without 'ap' postfix, i.e., wlan0 uses wlan0ap for
# management frames); ath0 for madwifi
interface=wlan0

設定 driver

# Driver interface type (hostap/wired/madwifi/test/none/nl80211/bsd);
# default: hostap). nl80211 is used with all Linux mac80211 drivers.
# Use driver=none if building hostapd as a standalone RADIUS server that does
# not control any wireless/wired driver.
driver=nl80211

設定無線網路的 SSID:

# SSID to be used in IEEE 802.11 management frames
ssid=RPi-AP

無線網路連線模式:

# Operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g,
# ad = IEEE 802.11ad (60 GHz); a/g options are used with IEEE 802.11n, too, to
# specify band)
# Default: IEEE 802.11b
hw_mode=g

無線網路頻道:

# Channel number (IEEE 802.11)
# (default: 0, i.e., not set)
# Please note that some drivers do not use this value from hostapd and the
# channel will need to be configured separately with iwconfig.
#
# If CONFIG_ACS build option is enabled, the channel can be selected
# automatically at run time by setting channel=acs_survey or channel=0, both of
# which will enable the ACS survey based algorithm.
channel=1

MAC 卡號認證機制設定:

# Station MAC address -based authentication
# Please note that this kind of access control requires a driver that uses
# hostapd to take care of management frame processing and as such, this can be
# used with driver=hostap or driver=nl80211, but not with driver=madwifi.
# 0 = accept unless in deny list
# 1 = deny unless in accept list
# 2 = use external RADIUS server (accept/deny lists are searched first)
macaddr_acl=0

無線網路認證演算法設定:

# IEEE 802.11 specifies two authentication algorithms. hostapd can be
# configured to allow both of these or only one. Open system authentication
# should be used with IEEE 802.1X.
# Bit fields of allowed authentication algorithms:
# bit 0 = Open System Authentication
# bit 1 = Shared Key Authentication (requires WEP)
auth_algs=3
# Send empty SSID in beacons and ignore probe request frames that do not
# specify full SSID, i.e., require stations to know SSID.
# default: disabled (0)
# 1 = send empty (length=0) SSID in beacon and ignore probe request for
#     broadcast SSID
# 2 = clear SSID (ASCII 0), but keep the original length (this may be required
#     with some clients that do not support empty SSID) and ignore probe
#     requests for broadcast SSID
ignore_broadcast_ssid=0

WPA 設定:

# Enable WPA. Setting this variable configures the AP to require WPA (either
# WPA-PSK or WPA-RADIUS/EAP based on other configuration). For WPA-PSK, either
# wpa_psk or wpa_passphrase must be set and wpa_key_mgmt must include WPA-PSK.
# Instead of wpa_psk / wpa_passphrase, wpa_psk_radius might suffice.
# For WPA-RADIUS/EAP, ieee8021x must be set (but without dynamic WEP keys),
# RADIUS authentication server must be configured, and WPA-EAP must be included
# in wpa_key_mgmt.
# This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)
# and/or WPA2 (full IEEE 802.11i/RSN):
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
wpa=2

設定無線網路的密碼:

# WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
# secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
# (8..63 characters) that will be converted to PSK. This conversion uses SSID
# so the PSK changes when ASCII passphrase is used and the SSID is changed.
# wpa_psk (dot11RSNAConfigPSKValue)
# wpa_passphrase (dot11RSNAConfigPSKPassPhrase)
#wpa_psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
wpa_passphrase=Raspberry

接受的金鑰管理方式:

# Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both). The
# entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be
# added to enable SHA256-based stronger algorithms.
# (dot11RSNAConfigAuthenticationSuitesTable)
#wpa_key_mgmt=WPA-PSK WPA-EAP
wpa_key_mgmt=WPA-PSK
# Set of accepted cipher suites (encryption algorithms) for pairwise keys
# (unicast packets). This is a space separated list of algorithms:
# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]
# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
# Group cipher suite (encryption algorithm for broadcast and multicast frames)
# is automatically selected based on this configuration. If only CCMP is
# allowed as the pairwise cipher, group cipher will also be CCMP. Otherwise,
# TKIP will be used as the group cipher.
# (dot11RSNAConfigPairwiseCiphersTable)
# Pairwise cipher for WPA (v1) (default: TKIP)
#wpa_pairwise=TKIP CCMP
wpa_pairwise=TKIP
# Pairwise cipher for RSN/WPA2 (default: use wpa_pairwise value)
rsn_pairwise=CCMP

編輯 /etc/default/hostapd 設定檔,設定 DAEMON_CONF 指向 /etc/hostapd/hostapd.conf

# Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration
# file and hostapd will be started during system boot. An example configuration
# file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz
DAEMON_CONF="/etc/hostapd/hostapd.conf"

測試一下 hostapd 的設定是否正確,使用 root 管理者權限執行 hostapd,並指定設定檔:

sudo hostapd /etc/hostapd/hostapd.conf

檢查輸出是否有問題,正常來說會類似這樣:

Configuration file: /etc/hostapd/hostapd.conf
Using interface wlan0 with hwaddr f8:1a:67:18:3a:ab and ssid "RPi-AP"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED 
wlan0: STA 28:e3:1f:50:b9:94 IEEE 802.11: authenticated
wlan0: STA 28:e3:1f:50:b9:94 IEEE 802.11: associated (aid 1)
wlan0: AP-STA-CONNECTED 28:e3:1f:50:b9:94
wlan0: STA 28:e3:1f:50:b9:94 RADIUS: starting accounting session 56BD92F6-00000000
wlan0: STA 28:e3:1f:50:b9:94 WPA: pairwise key handshake completed (RSN)

無如果正常的話,這時候就可以使用新的無線網路 RPi-AP 了。

新的 RPi-AP 無線網路

一般手機或平板也可以直接使用。

手機使用新的 RPi-AP 無線網路

確定設定無誤之後,可以中斷自己執行的 hostapd,將系統的 hostapd 服務:

sudo service hostapd restart

問題檢查

如果在設定上有問題,無法使用的話,可以用 iw 指令檢查一下自己的 USB 無線網路卡是否支援 AP 模式:

iw list

在輸出中找到 Supported interface modes 這一段:

Supported interface modes:
	 * IBSS
	 * managed
	 * AP
	 * AP/VLAN
	 * monitor
	 * mesh point
	 * P2P-client
	 * P2P-GO

確認網路卡有支援 AP 模式。

另外若是軟體設定有問題,除了在終端機上的錯誤訊息之外,在 /var/log/syslog 紀錄檔中也可以找到一些資訊。

參考資料:adafruitadafruitmaketecheasiersuperusersuperuserUbuntu Help

Page: 1 2

G. T. Wang

個人使用 Linux 經驗長達十餘年,樂於分享各種自由軟體技術與實作文章。

Share
Published by
G. T. Wang

Recent Posts

[DIY] 自製凡士林火種

這裡介紹如何利用簡單的凡士林與...

3 年 ago

[DIY] 自製火影木葉、砂忍者村標誌雕刻木牌

本篇記錄我用路邊撿來的樟木與龍...

3 年 ago

收集龍眼木修剪枝幹用於木頭工藝

最近打算帶著阿玄做一些木工作品...

3 年 ago

[DIY] 樟木手工自製迷你手裏劍(忍者武器)

本篇記錄阿玄第一次使用木工工具...

3 年 ago

[DIY] 龍眼木手工自製木槌

本篇記錄我用自己砍的龍眼木還有...

3 年 ago

[DIY] 樟木手工自製苦無(忍者武器)

本篇記錄我自己用樟木的枝幹,以...

3 年 ago