6 Replies Latest reply on Apr 18, 2015 12:50 AM by Richard_H

    Can't enter WEP key in Hex


      I use a 5 character WEP key that's entered as 10 hex digits.  The "configure_edison" --setup script doesn't allow for this key input option (though it should).  What's the best way to get around it?  My key doesn't map to displayable characters, so I can't just enter the 5 bytes it wants.



        • 1. Re: Can't enter WEP key in Hex

          This is an issue for both WEP and WPA/WPA2 and it caused me significant frustration to the point where I put the board in my drawer for a month and didn't touch it.  However, I found a workaround yesterday and got it working by using the instructions on this page, but with one important modification:

          Connecting to a Wireless Network via Linux*


          Where it says:

          > set_network 0 psk "Your Network Password"

          Do not use the quotation marks.  Instead, type in your hex digits without quotes:

          > set_network 0 psk HEX_DIGITS


          I have not tried this, but it looks like one might be able to modify the /usr/bin/configure_edison script to change this, perhaps removing the quotes in the WPA templates.  If you try this and have success, please post the solution.  It would be useful if Intel provided an official solution for pre-shared hex keys.

          • 2. Re: Can't enter WEP key in Hex

            @jar - I'm sorry to say, your fix did not work.  The wpa_cli tool refuses to take keys for input that are not in quotes.


            However, I have good news to report - I did get it working!  Here's the sequence...

            • wpa_cli
              • I did the steps in the doc you referenced: Connecting to a Wireless Network via Linux*
                • That didn't work, and it didn't write to wpa_supplicant.conf (see below; I'd found this by analyzing the configure_edison script)
                • This step might not be necessary at all, but it also might have laid some groundwork
            • configure_edison --wifi (this will just reconfigure the wifi section)
              • Select your SSID, then enter a bogus key that meets the input criteria.  The connection will fail, of course, but the necessary fields will have been written to the config file, and it's now much easier to just go edit.
            • Edit /etc/wpa_supplicant/wpa_supplicant.conf
              • Find the line wep_key0="MyBogusKey" (This is the key you entered above.)
              • Replace it with wep_key0=0xfedcba987654321 (your hex key, with the 0x prefix; remove the quotes)
            • wpa_cli
              • disable_network 0 (I had previously defined network 0 the last time I ran wpa_cli; if you skip that section above, I don't know if this step will work.)
              • enable_network 0 (You should see it associate.)
                • <3>CTRL-EVENT-SCAN-STARTED

                • <3>CTRL-EVENT-SCAN-RESULTS

                • <3>WPS-AP-AVAILABLE

                • <3>Trying to associate with 02:18:1a:35:dd:86 (SSID='Acme Global Trading Company' freq=5220 MHz)

                • <3>Associated with 02:18:1a:35:dd:86

                • <3>CTRL-EVENT-CONNECTED - Connection to 02:18:1a:35:dd:86 completed [id=0 id_str=]

            • Success!


            Quick vi tutorial to help folks get through this:

            • vi /etc/wpa_supplicant/wpa_supplicant.conf
            • Cursor up to the line you want to edit
            • Press 'i' (enter insert mode)
            • Make your edits
            • Press 'esc' (takes to command line)
            • Type :wq (command: write, then quit)
            • 3. Re: Can't enter WEP key in Hex

              To the Intel folks:

              You really need to fix this.  Your config scripts presume the key is being input in cleartext, when it's perfectly valid and commonplace to use hex instead.


              As best I can tell, the configure_network() function in configure_edison would need to be updated to allow this input, perhaps also along with editing the template in that script used to output wpa_supplicant.conf - it'd need to remove quotes from around the key and prefix it with '0x'.


              The wpa_cli tool behaves similarly, and needs a similar fix.


              And the corker: it works perfectly, until a reboot.  Then, systemctl start wpa_supplicant fails because it doesn't like the key in wpa_supplicant.conf - which has already been proven to work if the checks would stop failing on it.

              • 4. Re: Can't enter WEP key in Hex

                More work needed here.  Although it worked perfectly as written, the config failed after reboot because additional checks were applied to the key at supplicant startup time.  I've tried repeating my sequence above, and I'm not having success getting the proper key to load now.

                • 5. Re: Can't enter WEP key in Hex

                  Revised fix... no '0x' prefix required:

                  • Edit /etc/wpa_supplicant/wpa_supplicant.conf
                    • Find the line wep_key0="MyBogusKey" (This is the key you entered above.)
                    • Replace it with wep_key0=fedcba987654321 (your hex key, with no '0x' prefix, and no quotes)


                  As background, a bit of digging on the web turns up this man page documentation on the wpa_supplicant.conf file format:

                      wep_keyN key

                            An ASCII string enclosed in quotation marks to encode the WEP key.  Without quotes this is a hex string of the actual key.  WEP

                            is considered insecure and should be avoided.  The exact translation from an ASCII key to a hex key varies.  Use hex keys where possible.



                  Once you make the change above, the WPA supplicant (the module that handles WiFi authentication) will load properly and connect automatically after reboot.  Before reboot, you can trigger it to re-read its configuration file to invoke the changes.  You can do this 2 ways:

                  • Option1 - command-line:
                    • systemctl stop wpa_supplicant, then
                    • systemctl start wpa_supplicant, which should execute with no output if successful
                    • ip route, which should show an IP for interface wlan0
                  • Option 2 - interactive:
                    • Launch wpa_cli
                      • disable_network 0
                      • reconfigure - the forces the WPA supplicant to reload its config file.  It should return 'OK'.
                      • enable_network 0 - this should show the association succeeding
                      • status - will show the WiFi association and the IP address of the interface
                  1 of 1 people found this helpful
                  • 6. Re: Can't enter WEP key in Hex

                    Added detail...

                    systemctl enable wpa_supplicant - execute this after you get it working, so it auto-loads the supplicant at the next reboot


                    And, boy, am I glad I posted my solution here 5 months ago - it was a great reference when I needed to do this again, long after I'd forgotten how.