Wi-Fi Protected Access client and IEEE 802.1X supplicant

wpa_supplicant [ -BddfhKLqqsTtuvW ] [ -iifname ] [ -cconfig file ] [ -Ddriver ] [ -PPID_file ] [ -foutput file ]

Some options have global scope.
Option groups for different interfaces must be separated by -N
filenames should be full ie not relative.

-W Wait for a control interface monitor before starting.
-B background.
-P PID_file
-d debugging messages(-dd even more).
-s Log output to syslog instead of stdout. (if built with the CONFIG_DEBUG_SYSLOG
-T Log output to tracing in addition . (ifi built with the CONFIG_DEBUG_LINUX_TRACING
-f output file Log output to instead of stdout. (if built with the CONFIG_DEBUG_FILE .)
-q quite debugging verbosity (-qq even less).
-K keys (passwords, etc.)Included in debug output.
-t timestamp included in debug messages.
-e entropy file to maintain its internal entropy store in over restarts.
-g global ctrl_interface Path to global ctrl_interface socket. If specified, interface definitions may be omitted.
-u Enable DBus control interface. If enabled, interface definitions may be omitted. (if built with CONFIG_DBUS
-N Start describing new interface.
-i ifname Interface on. Multiple instances can be present, one per interface, separated by -N
-c filename Path to configuration file. (Per interface)
-C ctrl_interface Path to ctrl_interface socket (Per interface. Not with -c
-O override ctrl_interface Override the ctrl_interface parameter for new interfaces.
-b br_ifname bridge interface name. (Per interface)
-D driver can be multiple drivers: (example: nl80211,wext). (Per interface, see the available options .)
-p Driver parameters. (Per interface)
-o override driver Override the driver parameter for new interfaces.
-L Show license (BSD).
-v Show version.
wpa_supplicant v2.4
Copyright (c) 2003-2015, Jouni Malinen  and contributors
-h Help. Show a usage message.

Driver backends that may be used with -D (driver) see wpa_supplicant -h.

       wext       Linux wireless extensions (generic).  
       wired      wpa_supplicant wired Ethernet driver 
       roboswitch wpa_supplicant Broadcom switch driver 
       bsd        BSD 802.11 support (Atheros, etc.).  
       ndis       Windows NDIS driver.


In most common cases, start with:
wpa_supplicant -B -c/etc/wpa_supplicant.conf -iwlan0 # fork into background.
Start on foreground with debugging :
wpa_supplicant -c/etc/wpa_supplicant.conf -iwlan0 -d
If the specific driver wrapper is not known beforehand, it is possible to specify multiple comma separated driver wrappers on the . uses the first driver wrapper that is able to initialize the interface.
wpa_supplicant -Dnl80211,wext -c/etc/wpa_supplicant.conf -iwlan0
Control multiple interfaces (radios) either by running one process for each interface separately or by running just one process and list of options.
Each interface is separated with -N. Example,
wpa_supplicant \
-c wpa1.conf -i wlan0 -D nl80211 \
-N \
-c wpa2.conf -i ath0 -D wext




  1. Make configuration file, wpa_supplicant.conf
  2. Test by running with in foreground with debugging :
    wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -d
    example output
    example -dd output
    wpa_supplicant -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf -d
  3. start in background without debugging:
    wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -B
With more than one driver interface in the build time configuration (.config), specify which interface to use by including -D option on the command line.


changes to pcmcia-cs scripts can be used to enable WPA support:
  1. Add MODE="Managed" and WPA="y" to the network scheme in /etc/pcmcia/wireless.opts.
  2. Add this block to the end of start action handler in /etc/pcmcia/wireless:
    if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then
                      /usr/local/bin/wpa_supplicant -B -c/etc/wpa_supplicant.conf -i$DEVICE
  3. Add the following block to the end of stop action handler (may need to be separated from other actions) in /etc/pcmcia/wireless:
    if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then
                      killall wpa_supplicant
This will make cardmgr start wpa_supplicant when the card is plugged in.


wpa_background(8) config, wpa_supplicant.conf wpa_cli(8) wpa_passphrase(8)

Unauthorized users can passively monitor a wireless network and capture all transmitted frames. unauthorized use of the network is much easier.