Network setup: Difference between revisions
No edit summary |
No edit summary |
||
| Line 95: | Line 95: | ||
The name of the robot should be included in the list, but it can take a while for the network to detect the name. | The name of the robot should be included in the list, but it can take a while for the network to detect the name. | ||
==== | == Depricated == | ||
*Old - do not use | *Old - do not use | ||
==== WPA ==== | |||
Replace password/passphrase with an encrypted version. | Replace password/passphrase with an encrypted version. | ||
Revision as of 18:34, 8 January 2025
Back to Robobot
Back to Robobot B
NTP
Network time protocol, to keep clocks in sync. At DTU most clock sources are blocked, the clock source needs to be configured.
At DTU, edit /etc/ntp.conf or /etc/ntpsec/ntp.conf, add ntp.ait.du.dk to server pool
sudo nano /etc/ntpsec/ntp.conf
... # Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board # on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for # more information. pool ntp.ait.dtu.dk ...
Sync time (if on DTU net)
sudo ntpdate -u ntp.ait.dtu.dk
Should work in and around DTU - see also NTP howto for more details.
WiFi network
Network Manager
Create a connection file in /etc/NetworkManager/system-connections
sudo nano /etc/NetworkManager/system-connections/DTUdevice.nmconnection
Insert the following (but remember to insert the correct psk password):
[connection] id=DTUdevice uuid=c5e1b602-c694-4bf4-a398-cdce468568d6 type=wifi interface-name=wlan0 [wifi] mode=infrastructure ssid=DTUdevice [wifi-security] auth-alg=open key-mgmt=wpa-psk psk=<password, ask or find in course material> [ipv4] method=auto [ipv6] addr-gen-mode=default method=auto [proxy]
All robots are allowed on the DTUdevice network, but only with a few ports open.
You can use the same template for other networks with a passphrase (PSK) key; just replace the ID with the SSID and change the PSK password.
Check IP and SSID
When the Pi has rebooted, connect to it using SSH once again. Check that the Pi is connected to WiFi
ifconfig
Under wlan0 confirm that the Pi has received an IP (inet addr) and note down the first three sections of the IP - they are most likely 10.197.21x.xxx
To see which SSID you are connected to, use
iwconfig
or
nmcli -o
The MAC address ('HWaddr' or 'ether') of the Pi should also be noted down - this probably starts with B8:27:EB:xx:xx:xx make sure to get all of it.
Find IP of robot (Linux)
In case the Pi gets a new IP address after reboot, you can search for it using the MAC address and nmap. If nmap is not installed, start by installing it
sudo apt-get install nmap
To search for the Pi using the MAC address in terminal type
nmap -sP 10.16.175.0/24 | awk '/^Nmap/{ip=$NF}/B8:27:EB:23:A0:F5/{print ip}'
where 10.16.175 is the first three sections of the IP you noted down and B8:27:EB:23:A0:F5 is the MAC address of the Pi. This should return the IP of the Pi.
NB! the MAC can hold letters, they should probably be capital.
If you don't know the MAC address
Use the first part, to get a list of active IP on the net:
nmap -sP 10.16.175.0/24
The name of the robot should be included in the list, but it can take a while for the network to detect the name.
Depricated
- Old - do not use
WPA
Replace password/passphrase with an encrypted version.
The wpa_passphrase generated function works to generate an encrypted passphrase: (copied from Raspberry Pi forum, (thanks to 'rpdom')).
rpdom@raspberrypi:~ $ wpa_passphrase MYSSID MYPASSPHRASE
network={
ssid="MYSSID" #psk="MYPASSPHRASE" psk=ENCRYPTED_PSK_IS_HERE
}
rpdom@raspberrypi:~ $ sudo nmcli con add con-name MYSSID \
type wifi ssid MYSSID \
wifi-sec.key-mgmt wpa-psk \
wifi-sec.psk ENCRYPTED_PSK_IS_HERE
Connection 'MYSSID' (ed602d46-0a2b-4094-a2c3-79652a47d612) successfully added.
sudo nmcli con up MYSSID
Or, if the connection is already established, then edit the relevant file and copy in the ENCRYPTED_PSK_IS_HERE to replace the clear text passphrase.
cd /etc/NetworkManager/system-connections ls sudo nano MYSSID.nmconnection
802 secure wifi
When connecting to Eduroam (or other with 802 security) you will eventually have to type in your username and password in the wpa_supplicant.conf-file. For your password not to be visible, generate a hash code for it
echo -n YOUR_COOPERATE_MAIL_PASSWORD | iconv -t utf16le | openssl md5
Copy the generated hash code (YOUR_COOPERATE_MAIL_PASSWORD_HASH) and clear the terminal window and the command history.
clear history -c
A connection using 802 security could be generated with
nmcli connection add \ type wifi \ connection.id NICKNAME \ wifi.ssid SSID \ wifi.mode infrastructure \ wifi-sec.key-mgmt wpa-eap \ 802-1x.eap peap \ 802-1x.identity YOUR_COOPERATE_MAIL \ 802-1x.phase2-auth mschapv2 \ 802-1x.password hash:YOUR_COOPERATE_MAIL_PASSWORD_HASH sudo nmcli con up NICKNAME
Replace the UPPER case words as appropriate.
Or, if the connection is already established, replace the password as above (in /etc/NetworkManager/system-connections).
I don't know if the YOUR_COOPERATE_MAIL_PASSWORD_HASH encryption works this way.
WPA
'No longer active'
Now open wpa_supplicant.conf
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
If you added an wifi access point, it probably looks something like this
network={
ssid="device"
key_mgmt=NONE
}
or using typical security with a password
network={
ssid="tdc432"
psk="secret_password"
key_mgmt=WPA-PSK
id_str=home
}
You can add any number of the "network" groups for all the networks you get across If you don't like the network password to be visible, see guide below.
Private network
Generate encrypted key with
wpa_passphrase mySSID secret776
if the desired SSID is "mySSID" and the password is "secret776", then copy the result into /etc/wpa_supplicant/wpa_supplicant.conf (except the line with the password in clear text).
network={
ssid="mySSID"
#psk="secret776"
psk=812439e952156aea9983f3df5a389cf3f9c2e9f30ae2624eaad1551612a6ef71
}
Eduroam or DTU secure
When connecting to Eduroam you will eventually have to type in your username and password in the wpa_supplicant.conf-file. In order for your password not to be visible, generate a hash-code for it
echo -n password_here | iconv -t utf16le | openssl md5
Copy the hash-code and then clear the terminal window and the command history
clear history -c
Now open wpa_supplicant.conf
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
Add or replace the following (You need at least one network group)
country=DK
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
ctrl_interface_group=0
update_config=1
network={
ssid="eduroam"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
phase2="auth=MSCHAPV2"
identity="username"
password=hash:your_hash_code
}
network={
ssid="DTUsecure"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
phase2="auth=MSCHAPV2"
identity="username"
password=hash:your_hash_code
}
Replace username with your username on Eduroam, i.e. your student number and replace your_hash_code with the hash-code you generated in the previous step.
Reboot the Raspberry Pi
sudo reboot or sudo /etc/init.d/networking restart
