WPS Button Activation is required

psherman · January 19, 2023, 7:45pm

Right... just to be clear, I'm not saying you personally (or others with similar situations) shouldn't use WPS. I just want to make sure that people are aware that the technology is not secure, and that it does carry some risk if enabled.

In situations where WPS is optional, it would be advisable to avoid it. Where it is necessary, it is best to ensure that users do have knowledge about the potential risks as well as the idea that there are some possible mitigation strategies (such as isolated networks) that they can consider.

Annick · January 19, 2023, 7:47pm

-> psherman

With my two models of boxes that I have it's not an option it is not possible otherwise

psherman · January 19, 2023, 7:48pm

I understand that. As I said...

vizoso · January 23, 2023, 8:13pm

Hello, I still can't activate the WPS mechanism. The equipment does not send the password to the PC in order to establish the connection.

Through the hostapd_cli -i wlan0 wps_pbc command, we were able to activate the wps service.

The WPS service will be active for two minutes. This was checked using the command. hostapd_cli -i wlan0 wps_get_status

At the end of the WPS section, the following is displayed on the console.

Something is happening between the computer and the laptop that there is no successful exchange.

Thanks.

stangri · January 23, 2023, 8:17pm

Sorry, I don't know enough about WPS to provide further help, my intention was to help you map WPS trigger to a reset button.

vizoso · January 23, 2023, 8:21pm

Hello, ok thank you very much for everything.

stangri · January 23, 2023, 11:14pm

Not an expert on those, but maybe experimenting with different flavours of wpad/hostapd might help. I can't imagine WPS being broken in OpenWrt period.

vizoso · January 25, 2023, 5:37am

Hello, thank you very much for the advice. I tried the variants of WPAD and HOSTAPD-UTILS, but we didn't get positive results, so we must continue testing and research. Thank you very much for the help.

stangri · January 25, 2023, 11:14pm

There's a developers mailing list (links should be in the wiki), you may want to post there, detailing packages installed, your /etc/config/wireless file and the CLI command you invoke to see if you get a better response there.

Like I said, I can't imagine WPS being broken in OpenWrt, it's probably a misconfiguration or a missing configuration.

vizoso · January 26, 2023, 3:15am

Hello, thank you very much for your help. I'll do what he tells me. Greetings.

[image]

stangri · January 26, 2023, 9:43pm

There's additional information on WPS is available in wiki: https://openwrt.org/docs/guide-user/network/wifi/basic#wps_options

I'd experiment with some of these options and maybe even downgrade encryption to psk vs psk2.

vizoso · January 28, 2023, 3:36am

Hello, I varied the modulations as you told me and I did not get any results. I am looking for information in the place where you indicated me. Thanks.

hnyman · January 28, 2023, 5:12am

Well, actually you are supposed to know the 8-digit pin code and enter it to the dialog on the client device, and send it to the router to confirm that the device is legit...
The router does not send it. It waits for it

Typically the OEM PIN is written to the printed label and is stored in the OEM settings. But that is not used. OpenWrt does not read the pin code set in the OEM firmware, as the location and storage style of the code varies so much and as WPS is seen as insecure. (I have programmed my own community builds to read the OEM PIN in R7800 and WNDR3700 , but I am not actively using WPS. See How to read TP-Link factory wireless pin from flash - art - #2 by hnyman )

You need to set wps_pin option, 8 numbers, to the WiFi interface config. Just set it to whatever your like. (And possibly also set wps_label method option to 1)

https://openwrt.org/docs/guide-user/network/wifi/basic#wps_options

Otherwise your WPS experiments look good.

Annick · January 28, 2023, 10:22am

for the WPS all my devices do not use a PIN code but only the method of the 2 WPS buttons ...

hnyman · January 28, 2023, 10:27am

The laptop screenshot by @vizoso shows the PIN entering dialog, so the laptop is apparently not using the pushbutton method, but instead it uses the label PIN.

Annick · January 28, 2023, 10:47am

if I translated correctly

top
If you receive ciphered passwords to access the wireless network , ETECSA

bottom
alternatively you can connect by pressing the WPS button on your router

In the picture it is key WIFI - ETECSA ??? or WPS button

vizoso · January 30, 2023, 3:15pm

Hello, thanks for the answers and help. I tell you that the image that I show is the box that appears when you connect to a Wi-Fi network, in that box the password of the selected wireless network is placed. Below is the option to press the wps button.

I am not using the PIN variant for the WPS exchange. I hope you understand me. Thanks.