1 .\" Copyright (c) 2005 Sam Leffler <sam@errno.com>
2 .\" All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 .Nd "text-based frontend program for interacting with wpa_supplicant"
40 is a text-based frontend program for interacting with
41 .Xr wpa_supplicant 8 .
42 It is used to query current status,
46 request interactive user input.
52 current authentication status,
54 mode, dot11 and dot1x MIBs, etc.
57 can configure EAPOL state machine
58 parameters and trigger events such as reassociation
59 and IEEE 802.1X logoff/logon.
64 provides an interface to supply authentication information
65 such as username and password when it is not provided in the
66 .Xr wpa_supplicant.conf 5
68 This can be used, for example, to implement
69 one-time passwords or generic token card
70 authentication where the authentication is based on a
71 challenge-response that uses an external device for generating the
77 supports two modes: interactive and command line.
78 Both modes share the same command set and the main difference
79 is in interactive mode providing access to unsolicited messages
80 (event messages, username/password requests).
82 Interactive mode is started when
84 is executed without any parameters on the command line.
85 Commands are then entered from the controlling terminal in
89 In command line mode, the same commands are
90 entered as command line arguments.
92 The control interface of
94 can be configured to allow
95 non-root user access by using the
96 .Va ctrl_interface_group
99 .Xr wpa_supplicant.conf 5
101 This makes it possible to run
103 with a normal user account.
104 .Sh AUTHENTICATION PARAMETERS
107 needs authentication parameters, such as username and password,
108 that are not present in the configuration file, it sends a
109 request message to all attached frontend programs, e.g.,
115 shows these requests with a
116 .Dq Li CTRL-REQ- Ns Ao Ar type Ac Ns Li - Ns Ao Ar id Ac Ns Li : Ns Aq Ar text
120 .Li IDENTITY , PASSWORD ,
125 is a unique identifier for the current network,
127 is a description of the request.
130 (One-Time Password) request,
131 it includes the challenge from the authentication server.
135 the needed parameters in response to these requests.
138 .Bd -literal -offset indent
139 CTRL-REQ-PASSWORD-1:Password needed for SSID foobar
140 > password 1 mysecretpassword
142 Example request for generic token card challenge-response:
144 CTRL-REQ-OTP-2:Challenge 1235663 needed for SSID foobar
148 The following commands may be supplied on the command line
149 or at a prompt when operating interactively.
150 .Bl -tag -width indent
152 Report the current WPA/EAPOL/EAP status for the current interface.
154 Report MIB variables (dot1x, dot11) for the current interface.
157 .It Ic interface Op Ar ifname
158 Show available interfaces and/or set the current interface
159 when multiple are available.
160 .It Ic level Ar debug_level
161 Change the debugging level in
162 .Xr wpa_supplicant 8 .
163 Larger numbers generate more messages.
169 Send the IEEE 802.1X EAPOL state machine into the
173 Send the IEEE 802.1X EAPOL state machine into the
176 .It Ic set Op Ar settings
178 When no arguments are supplied, the known variables and their settings
181 Show the contents of the PMKSA cache.
183 Force a reassociation to the current access point.
187 to re-read its configuration file.
188 .It Ic preauthenticate Ar BSSID
189 Force preauthentication of the specified
191 .It Ic identity Ar network_id identity
192 Configure an identity for an SSID.
193 .It Ic password Ar network_id password
194 Configure a password for an SSID.
195 .It Ic otp Ar network_id password
196 Configure a one-time password for an SSID.
206 .Xr wpa_supplicant.conf 5 ,
211 utility first appeared in
216 utility was written by
217 .An Jouni Malinen Aq jkmaline@cc.hut.fi .
218 This manual page is derived from the