« Character Sets and Encodings
Email on a Sony Ericsson K750i »

WPA, Gentoo Linux and an IBM Thinkpad T30

I decided it was finally time to switch from WEP to WPA because WEP is simply broken and shouldn’t be considered safe. There are some attacks available against WPA, but they tend to be ‘try every key in existence’ type. Have a sufficiently long key and you’re pretty much safe. The attacks also seemed to be geared towards weaknesses in TKIP, I haven’t read any about AES.

Using WPA in Gentoo is trivial and the guidebook covers all you need to know. There was one slight hiccup, my wireless card’s firmware didn’t support WPA. I have the optional mini-PCI card for the Thinkpad T30. This is based on the Intersil Prism 2.5 chipset. The hostaputils package contains the ‘prism2srec’ command that allows you to update the firmware. Here are the instructions I followed.

First check what card you have:

# hostap_diag wlan0
Host AP driver diagnostics information for 'wlan0'

NICID: id=0x8013 v1.0.0 (PRISM II (2.5) Mini-PCI (SST parallel flash))
PRIID: id=0x0015 v1.1.0
STAID: id=0x001f v1.4.9 (station firmware)

The ’station firmware’ needs to be at least 1.7.0 to use WPA. If you try to run wpa_supplicant before updating the firmware you’ll get a driver doesn’t support WPA error message. Check out the instructions I linked to previously to work out what files you need. The latest firmware is 1.8.4, but the I only upgraded to 1.7.4 since several people had tested that version and it works. With that version of the station firmware also came an update to the primary firmware, the files I used were:

Only use those files if the output of hostap_diag matched mine.

You’ll have to modify the hostap driver to enable flashing since it’s disabled by default. Instructions are on the linked page. Once you’ve done that it’s a simple matter of:

# prism2_srec -v wlan0 pk010101.hex sf010704.hex

and if everything went smoothly (no error messages), do it for real:

# prism2_srec -f -v wlan0 pk010101.hex sf010704.hex

After a lot of messages you should see:

Downloading to non-volatile memory (flash).
Note! This can take about 30 seconds. Do _not_ remove card during download.
OK.
Components after download:
  NICID: 0x8013 v1.0.0
  PRIID: 0x0015 v1.1.1
  STAID: 0x001f v1.7.4

Your card will be updated and you can start using WPA.

Spread the word: Technorati related  |  Technorati related  |  del.icio.us bookmark it!  |  submit WPA, Gentoo Linux and an IBM Thinkpad T30 digg.com digg it!  |  reddit reddit!

This entry was posted on Sunday, April 2nd, 2006 at 4:16 pm and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Line and paragraph breaks automatic.
XHTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>