Let’s suppose you have systemd-networkd configured to auto-connect to a wired interface, but sometimes you also need to connect to a (certain) wireless network.
Please replace <interface> with the name of your wireless interface, e.g. wlp2s0.1
Find it out with ip link.
Create a new .network file in /etc/systemd/network with something like the following:
[Match]
Name=<interface>
[Link]
RequiredForOnline=routable
[Network]
DHCP=ipv4
You might want to give this file a higher priority over other configurations. This is done through leading numbers, e.g. 20- for wired, 10- for wireless.
If you know the exact SSID you can procede with
wpa_passphrase mySSID >> /etc/wpa_supplicant/wpa_supplicant-<interface>.conf
On my machine, this included the passphrase both encrypted and in cleartext as a comment. Edit the config file to remove the latter.
If you need to scan your networks first you can use the instructions in the wpa_cli chapter.
Now start/restart and ultimately enable the service:
systemctl start wpa_supplicant@<interface>.service
systemctl restart systemd-networkd.service
systemctl enable wpa_supplicant@<interface>.service
With a bit of luck that’s all that was needed.
For good measure I stopped and disabled the general wpa_supplicant.service; but it did not seem
to interfere with anything at any point.
You can use the wpa_cli shell to find out about available
networks/SSIDs.
However, this requires to add some extra values to the top of
/etc/wpa_supplicant/wpa_supplicant-<interface>.conf:
ctrl_interface=/run/wpa_supplicant
ctrl_interface_group=1000
update_config=1
Restart the service: systemctl restart wpa_supplicant@<interface>.service
Now, issuing wpa_cli (/sbin/wpa_cli on Debian) should give you a simple prompt >.
If it doesn’t, make sure ctrl_interface_group corresponds to the group of the
user you are trying to connect as. If that still isn’t enough, you might need to specify
the interface and/or the control interface on the command line to correspond with the
above configuration, e.g.:
wpa_cli -i <interface> -p /run/wpa_supplicant
Enter scan, then after a while (you should see WPS-AP-AVAILABLE) scan_results.
Because i was unable to figure out how to make wpa_cli store the password encrypted
I recommend to quit at this point and create the configuration with wpa_passphrase;
but wpa_cli can do it too:
add_network (make note of the numerical set_network <id> ssid “<SSID>”set_network <id> psk "password"enable_network <id> (you should see CTRL-EVENT-CONNECTED)save_configquitCheck /etc/wpa_supplicant/wpa_supplicant-<interface>.conf if the desired network
has been saved.
Side remark: if you prefer the builtin way, add the following to your kernel command:
net.ifnames=0
For GRUB, edit the GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub
to include this, and update grub. ↩