Slashdot Mirror

← Back to Stories (view on slashdot.org)

WEP Keys in Mac OS X?

Posted by Cliff on from the securing-your-X-box dept.

antmo asks: "Mac OS X doesn't allow you to specify which WEP key index (1-4) one wishes to use, via the Network preferences. This causes me much pain, since my employer's wireless network uses a key index other than 1. I know the AirPort card allows for this, as I am able to set all four keys in Open BSD and Debian Linux. I don't know whether this is a limitation of Mac OS X's AirPort driver or simply the preferences. I've looked all over the net, posted to many discussion forums (since March of this year), done quite a bit of tinkering with the config files and still don't have a clue how to, if possible, set which key index to send. I have not heard a thing from Apple about this, which leads me to believe they're not going to add this ability. Does anyone know whether a fix from Apple is forthcoming? Anyone know a hack to get this working?"

9 of 37 comments (clear)

  1. Huh? by Anonymous Coward · · Score: 0, Informative


    Just go to the configuration page for the card and type in number in the box. It's the 3rd control down.

  2. 128bit WEP easy by jpt.d · · Score: 2, Informative

    You need to enter the key with a $ prepended to it and using the hex. Think of hex and pascal. I have never tried 64 bit WEP.

    --
    What we see depends on mainly what we look for. -- John Lubbock Now search for that bug slave!
  3. in my experience... by linuxpng · · Score: 4, Informative

    I've set which WEP key to use in my linksys WAP. I forced it on key 1. I then took the hex key it gave me and put that in for the password in the wireless network. For some reason I can't use the passphrase and let it adjust. Hope this helps, it works for me at least.

  4. Clearly a disconnect, let me rephrase... by antmo · · Score: 5, Informative

    An 802.11b network, using WEP, allows for 4 separate WEP keys to be defined. You can then choose, within the WAP, which one you want your network clients to use/send. Think of it as part if the key. MacOSX's network configuration for the airport card, will only allow you send whatever WEP key you entered, as key index 1. If your WAP is setup to expect key index 2, 3 or 4, regardless of what the password is (could be the same for all 4 keys), it will not accept your WEP key. You must send the index which the WAP is configured to expect, along with the key.

  5. What to do by GoRK · · Score: 5, Informative

    There are 4 keys because they can be *rotated* ... only one is active at any time. If the index is set at #3 on your AP and key number three is 1234ABCDEF, then a computer set to use the key 1234ABCDEF will work. Forget the key index. It has little to do with anything unless you actually rotate your keys.

    1. Re:What to do by Piquan · · Score: 5, Informative

      Sure it does. You say that "only one is active at any time", but that's not the whole story, at least not network-wide.

      For example, client A may be sending key 1, client B sends key 2, and the AP sends using key 3. (This is exactly what happens at my home: the AP uses key 1, one computer uses a different static key, and the rest randomly rotate each time they attach.)

      The clients need all the keys, so that they can read all the data they're getting. The question of which one is "active" refers to one transmitter, not the whole network.

      So, now comes the question: if you have to decrypt using any key, how do you know which one to use? It seems that 802.11 sends an index of "which key am I sending with", so that the recipient can read it. That's why the key index matters.

  6. open source driver by hayne · · Score: 5, Informative
    I haven't tried this myself, but the open source driver available at http://wirelessdriver.sourceforge.net/index.html does seem to allow you to configure which "keyslot" your WEP key goes in. And the FAQ says that this driver "is compatible with and can co-exist with Apples Airport driver". So that might be a solution to your problem.

    By the way, this is a real issue, contrary to what a lot of the posters on this thread seem to think - the best explanation of the "key index" I have found is in the PDF file at http://www.practicallynetworked.com/downloads/Othe r/tb-027.pdf

  7. Multiple WEP keys not Wi-Fi compliant by cspiff · · Score: 3, Informative

    FYI, the Wi-Fi certification testing only tests one key at a time, in slot 1 (that's slot 0, if you count like a good C programmer). There are many things that the 802.11 specs allow, that are nevertheless outside of what Wi-Fi certifies. This is one of them.

    Let your sysadmin know that s/he's configured the network in a non-Wi-Fi-compliant manner, and maybe s/he'll see the light.

  8. Re:So how can I do WEP with a non-Apple access poi by Anonymous Coward · · Score: 2, Informative

    Hmm, this really isn't difficult. Select your AP from the menu. If it uses WEP, the Mac will ask for your WEP key. (it calls it a password...)

    You used to have to put ASCII keys in quotes or preceed hex keys with a dollar sign, but in Jaguar there is a menu where you select the type of key ("password") you are entering. Sorry, no screenshot for you, you'll have to figure this out on your own... :)