How to setup an Atheros-based Access Point with WPA-PSK on Ubuntu 8.04 server

Install Ubuntu 8.04 server normally. I haven't tested it, but the desktop edition should also work, but remember to choose the right version of linux-restricted-modules for your setup and to remove the wifi interface from the NetworkManager setup.

Login with your normal "admin" user.

Get access to a root console:

$ sudo -i

Install necessary software (linux-restricted-modules contains the madwifi driver):

# aptitude install linux-restricted-modules-server bridge-utils wireless-tools madwifi-tools hostapd

Change the default wifi mode from sta (station/client) to ap (access point/server):

# echo "options ath_pci autocreate=ap" >>/etc/modprobe.d/options

Change your /etc/network/interfaces to include this instead of the default eth0 setup.

auto eth0 ath0 br0 iface eth0 inet manual up /sbin/ifconfig eth0 up down /sbin/ifconfig eth0 down iface ath0 inet manual up /sbin/ifconfig ath0 up down /sbin/ifconfig ath0 down iface br0 inet static address <your ip here> netmask <your netmask here> gateway <your gateway ip here> bridge_ports eth0 ath0

Change your ip/netmask/gw on the br0 interface as needed or use dhcp if you have it. The eth0 and ath0 interfaces are not supposed to have IP addresses assigned.

Make a backup of the original /etc/hostapd/hostapd.conf(it contains some useful documentation, after all):

# mv /etc/hostapd/hostapd.conf /etc/hostapd/hostapd.conf.bak

Create a new /etc/hostapd/hostapd.conf file with this content:

driver=madwifi interface=ath0 bridge=br0 hw_mode=a ssid=<your SSID here>wpa=3 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP wpa_passphrase=<your wifi password here>

Set the hw_mode to a, b or g depending on your hardware and preferred 802.11 mode.

Lets secure this file as it contains a password in cleartext.

# chown root:root /etc/hostapd/hostapd.conf # chmod 0600 /etc/hostapd/hostapd.conf

Change the RUN_DAEMON="no" parameter in /etc/default/hostapd to yes. It might also be wise to uncomment the debug options at the bottom of the file until you feel comfortable with the hostapd setup.

Reboot the machine and everything should work automatically.

If you don't want to reboot, it's possible to restart the services manually. Be aware that this is probably somewhat tricky if your logged on with ssh through eth0, so better do it from a local console.

  1. shut down hostapd (/etc/init.d/hostapd stop)
  2. shut down network (/etc/init.d/network stop)
  3. remove ath_pci module (rmmod ath_pci)
  4. load ath_pci module (modprobe ath_pci)
  5. start network (/etc/init.d/network start)
  6. start hostapd (/etc/init.d/hostapd start)

You should now be able to connect any wireless unit that understands WPA using the specified SSID and password. Your syslog should log a line similar to this when a unit connects correctly:

hostapd: ath0: STA <unit-mac-address> IEEE 802.11: associated hostapd: ath0: STA <unit-mac-address> WPA: pairwise key handshake completed (RSN) hostapd: ath0: STA <unit-mac-address> WPA: group key handshake completed (RSN)

If something goes wrong or you need some troubleshooting advice, see below.

To test if your ath0 device is set to AP mode, use this command:

# iwconfig

Verify that mode for ath0 says Master, if it doesn't say so your modprobe setup is wrong or your madwifi driver is too old. If your driver is older than r1407 the autocreate modprobe method doesn't work and you have to use the following command to set it up (can be used as pre-up in /etc/network/interfaces ath0 setup):

# /sbin/wlanconfig ath0 create wlandev wifi0 wlanmode ap

To shut it down again, use this command (can be used as post-down in /etc/network/interfaces ath0 setup):

# /sbin/wlanconfig ath0 destroy

Be aware that the create function cannot be used without first issuing a destroy. If iwconfig lists an ath0 interface (in addition to wifi0) you  need to destroy it before you can recreate it.

To verify your network setup, use ifconfig. It should list 5 interfaces: ath0, br0, eth0, lo and wifi0 - wifi0, ath0 and eth0 should not be assigned any IP, but br0 and lo should.

To verify that both interfaces are associated with the bridge, use this command:

# brctl show

To verify that your hostapd setup is correct, you can start it manually like this:

# hostapd -dd /etc/hostapd/hostapd.conf

If you get an error message that says "invalid argument, setting master mode failed", your ath0 interface is probably not in master mode. Check with iwconfig to make sure. Hostapd doesn't support setting master mode when using madwifi, it must be done by the driver itself. Verify your modprobe setup or look into wlanconfig.

Have a nice surf!