| 1 |
On Fri, Feb 3, 2012 at 3:10 PM, Grant <emailgrant@×××××.com> wrote: |
| 2 |
>>>>>>> Is there any way to verify that my wireless client connections are |
| 3 |
>>>>>>> encrypted via WPA2? |
| 4 |
>>>>>>> |
| 5 |
>>>>>>> - Grant |
| 6 |
>>>>>>> |
| 7 |
>>>>>> |
| 8 |
>>>>>> iwlist $interface scan |
| 9 |
>>>>>> |
| 10 |
>>>>>> Will give you enough information to tell if the wireless network |
| 11 |
>>>>>> supports WPA (instead of being WPA2-only). I don't know how you might |
| 12 |
>>>>>> inspect a connection from the client's perspective. That probably |
| 13 |
>>>>>> depends on the tool you're using. |
| 14 |
>>>>> |
| 15 |
>>>>> Is it strange that I get this from iwconfig on the connected client: |
| 16 |
>>>>> |
| 17 |
>>>>> Encryption key:off |
| 18 |
>>>> |
| 19 |
>>>> That's normal. iwconfig only knows about WEP. WPA and WPA2 are |
| 20 |
>>>> different animals. |
| 21 |
>>> |
| 22 |
>>> Got it, thanks for your help Michael. |
| 23 |
>> |
| 24 |
>> Actually, I think I was only half-right. It's normal for iwconfig to |
| 25 |
>> show Encryption key:off when connected to WPA and WPA2 networks, it's |
| 26 |
>> true that WPA and WPA2 are different animals, and I believe it's true |
| 27 |
>> that iwconfig only knows about WEP. |
| 28 |
>> |
| 29 |
>> But there's something strange about the "Encryption key:" line. A |
| 30 |
>> survey of my apartment from my laptop, which I connected to via ssh, |
| 31 |
>> revealed that "iwconfig" reports "Encryption key:off", while "iwlist" |
| 32 |
>> shows "Encryption key:on" for the BSSID I'm connected to (And I'm |
| 33 |
>> showing "IEEE 802.11i/WPA2 Version 1" for my encryption mode). |
| 34 |
>> |
| 35 |
>> I don't know the cause of the discrepancy, though I could guess at a |
| 36 |
>> half-dozen different plausible sources. |
| 37 |
> |
| 38 |
> I thought you were saying iwconfig doesn't know about WPA/WPA2 but |
| 39 |
> iwlist does. That would account for the discrepancy, right? |
| 40 |
|
| 41 |
That allows for a discrepancy, but it doesn't satisfactorily account |
| 42 |
for it. "Encryption: on", to me, is a superset of "Encryption key: |
| 43 |
on". |
| 44 |
|
| 45 |
The best explanation I can think of is that iwconfig's "Encryption |
| 46 |
key" is referring to a piece of hardware state involving encryption, |
| 47 |
but that that's turned off after a handoff to something else, and that |
| 48 |
iwlist's "Encryption key" means you need an encryption key to get in |
| 49 |
in the first place. |
| 50 |
|
| 51 |
-- |
| 52 |
:wq |
Archives