Understanding WiFi Commands: iw, wpa_supplicant, hostapd, and wavemon

In the realm of Linux-based networking, Wi-Fi management often relies on a set of powerful command-line utilities. These tools give users fine-grained control over Wi-Fi connections, from scanning for available networks to managing access points and securing connections. Four of the most commonly used tools are iw, wpa_supplicant, hostapd, and wavemon. Each plays a distinct role in Wi-Fi management, allowing for configuration, monitoring, and troubleshooting of wireless connections. In this article, we’ll explore what each of these commands does and how they are used.

1.iw: A Powerful Tool for Managing Wi-Fi Devices

iw is a command-line tool used for configuring and managing wireless devices on Linux. It provides a set of commands to interact with wireless interfaces, allowing users to perform a variety of actions like scanning for networks, checking signal strength, changing device settings, and more.

Key Features:

• Scan for Networks: iw can scan the local area for available wireless networks.
• Device Configuration: It allows users to configure wireless interfaces, such as changing channels, setting the operating mode (e.g., managed or monitor mode), and controlling power settings.
• Signal Monitoring: It provides real-time feedback on the signal strength and connection status.
• Management Commands: iw can display device capabilities, change the device’s state (e.g., enabling/disabling interfaces), and provide detailed statistics about network performance.

Common Commands:

# Show the current state of the wireless interface
iw dev wlan0 link

# Show detailed information about the Wi-Fi interface
iw dev wlan0 info

# Scan for available Wi-Fi networks
iw dev wlan0 scan

# Change the channel of a Wi-Fi device
iw dev wlan0 set channel 6

# Connecting to open network with specific essid
# The iw dev wlan0 connect <ESSID> command is a basic connection command and does not handle authentication or encryption (such as WPA/WPA2). It assumes that the network is open (not secured) or that the security is handled elsewhere (e.g., via wpa_supplicant or similar tools).
iw dev wlan0 connect <your_essid>

# Connecting to open network specifying channel.
iw dev wlan0 connect your_essid 2432

# Setting the operation mode to ad-hoc.
iw dev wlan0 set type ibss

# Enabling power save.
iw dev wlan0 set power_save on	

2.wpa_supplicant: Managing Wi-Fi Connections and Security

wpa_supplicant is a daemon and command-line tool that manages Wi-Fi network connections, particularly focusing on security. It is commonly used for connecting to WPA/WPA2 and WPA3-secured Wi-Fi networks. It handles the authentication process and maintains a secure connection to the wireless network.

Key Features:

• Network Authentication: wpa_supplicant manages the process of authenticating with secured networks using WPA, WPA2, or WPA3.
• Configuration via Configuration Files: The tool reads from a configuration file (/etc/wpa_supplicant.conf) to determine network settings and security parameters.
• Supports Various Security Protocols: In addition to WPA/WPA2, wpa_supplicant supports several EAP (Extensible Authentication Protocol) methods, such as EAP-TLS for enterprise networks.

Common Commands:

# Connect to specific wifi network by sppplying ssid and passpharse
wpa_supplicant -B -i <interface> -c <(wpa_passphrase MYSSID passphrase)


# This will present an interactive prompt (>), which has tab completion and descriptions of completed commands
sudo wpa_cli 

# In non-interactive mode 
# When you run wpa_cli with additional parameters, it will execute the specified command and then exit automatically. In contrast, when you run wpa_cli in interactive mode (without any additional parameters), it will remain open, display the > prompt, and wait for further input, allowing you to enter additional commands without having to restart the program


# Show current Wi-Fi connection status
sudo wpa_cli status

# Connect to a network with a given SSID and password
sudo wpa_cli add_network
sudo wpa_cli set_network 0 ssid '"MyNetwork"'
sudo wpa_cli set_network 0 psk '"password123"'
sudo wpa_cli enable_network 0

Using wpa_supplicant.conf

The primary use of wpa_supplicant.conf is to configure network details for connecting to Wi-Fi networks. It defines the settings for each network, such as the network’s name (SSID), security settings, and encryption keys.

Sample wpa_supplicant.conf file

# wpa_supplicant.conf - Sample Configuration File

# Global configuration settings
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
update_config=1
country=US  # Set the country code (adjust according to your location)

# Network block for connecting to a WPA2 secured network
network={
    ssid="MyNetwork"              # The SSID (name) of your network
    psk="mysecretpassword"        # Pre-shared key (Wi-Fi password)
    key_mgmt=WPA2-PSK             # WPA2 Personal encryption
    proto=WPA2                    # Protocol (WPA2 in this case)
    pairwise=CCMP                 # Encryption algorithm (AES, CCMP for WPA2)
    group=CCMP                    # Group cipher (CCMP)
    auth_alg=open                 # Authentication type (open for WPA2-Personal)
}

# Example of a network block for an open (unencrypted) Wi-Fi network
network={
    ssid="OpenNetwork"            # The SSID of an open network
    key_mgmt=NONE                 # No encryption or authentication
    auth_alg=open                 # Open authentication (no password required)
}

# Example for enterprise networks (WPA-EAP with 802.1X authentication)
network={
    ssid="EnterpriseNetwork"      # SSID of the enterprise network
    key_mgmt=WPA-EAP              # WPA with EAP (Enterprise Authentication)
    eap=PEAP                      # EAP type (PEAP, can also be TLS, TTLS, etc.)
    identity="user@example.com"   # Username for authentication
    password="yourpassword"       # Password for authentication
    ca_cert="/etc/ssl/certs/ca-cert.pem"  # Path to the CA certificate
    phase2="auth=MSCHAPV2"        # EAP Phase 2 authentication method
}

To use wpa_supplicant.conf file run the following command

wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf

3.hostapd: Creating and Managing Wi-Fi Access Points

hostapd (Host Access Point Daemon) is a user-space daemon that enables a Linux machine to function as a Wi-Fi access point. It’s used to create a wireless network on a Linux system, turning a device with Wi-Fi capabilities into a router, or for creating test environments, and more.

Key Features:

• Access Point Creation: It allows a device to act as a Wi-Fi access point, enabling other devices to connect.
• WPA/WPA2 Support: It supports both WPA and WPA2 encryption protocols, allowing the creation of secure access points.
• Advanced Configurations: hostapd provides options for detailed access point configuration, including setting the SSID, channel, security options, and more.
• Radius Support: It supports RADIUS authentication, allowing for centralized authentication management, often used in enterprise settings.

Common Commands:

# Start hostapd with a configuration file
hostapd /etc/hostapd/hostapd.conf

# Example configuration to create an access point
interface=wlan0
driver=nl80211
ssid=MyAccessPoint
hw_mode=g
channel=6
wpa=2
wpa_passphrase=supersecretpassword

Use Cases:

• Wi-Fi Hotspots: hostapd is used to turn a laptop or Raspberry Pi into a Wi-Fi hotspot, allowing other devices to connect to it.
• Testing and Development: Developers use hostapd to simulate access points in test environments.
• Enterprise Networks: In enterprise networks, hostapd can be used to create secure, manageable access points that are configured for WPA2 or WPA3 encryption.

wavemon: Monitoring Wi-Fi Signal and Performance

wavemon is a terminal-based Wi-Fi monitoring tool that allows users to observe the status and performance of wireless networks in real-time. It provides a graphical interface within the terminal, displaying various metrics such as signal strength, noise level, link quality, and more.

Key Features:

• Real-Time Monitoring: It shows live information about wireless interfaces, such as signal strength, noise, and link quality.
• Detailed Statistics: wavemon provides detailed data about the Wi-Fi network, including packet statistics, transmission rates, and signal quality.
• Graphical Interface: Unlike traditional command-line tools, wavemon provides a text-based graphical interface that is easy to navigate and provides instant feedback.

Common Commands:

# Start wavemon to monitor Wi-Fi status
wavemon

# Change the interface for monitoring (default is wlan0)
wavemon -i wlan1

Use Cases:

• Signal Strength Analysis: wavemon is widely used to analyze Wi-Fi signal strength and performance, making it easier to diagnose network issues.
• Network Optimization: By observing real-time data, users can adjust router placement, change channels, or take other actions to improve Wi-Fi performance.
• Troubleshooting: It’s a helpful tool for troubleshooting Wi-Fi connections, as it provides data on packet loss, noise levels, and link quality.

Conclusion

Each of these Wi-Fi commands (iw, wpa_supplicant, hostapd, and wavemon) plays a crucial role in managing and troubleshooting wireless networks on Linux systems. Whether you’re looking to scan for networks, manage secure connections, create access points, or monitor Wi-Fi performance, these tools give you the flexibility and control to optimize your wireless experience. Understanding these utilities is essential for network administrators, developers, and anyone looking to manage their Wi-Fi networks with precision and efficiency.