Re: What should I put inside the file called wlan0?

[David Wright]

On Wed 02 Mar 2022 at 09:01:55 (+0100), Stella Ashburne wrote:
> From: "David Wright" 
> >
> > As long as you have "source /etc/network/interfaces.d/*" in your
> > /e/n/interfaces file, then you can call the file wlp7s0, or wlp3s0,
> > or anything else, and it will be read. That line in quotes is now
> > the default in Debian.
> 
> Just so to be clear..
> 
> The contents of my /etc/network/interfaces file are:
[ … ]
> If I have a file called dave in /etc/network/interfaces.d/ and its contents 
> are:
[ … ]
> Are you saying that my /etc/network/interfaces file may look like the 
> following so long as the line "source /etc/network/interfaces.d/*" (without 
> quotes) is present?
[ … ]

> > BTW does this mean you've given up on iwd?
> >
> For the moment, yes. I encountered the same problems when I tried iwd on 
> Fedora 35. The folks of Fedora community were unable to help me fix it.

You don't have to worry about the division of information between
/e/n/i and /e/n/i.d/ because iwd doesn't use them. And the
security information used by iwd is stored in separate files
under /var/lib/iwd/, and its permissions are all rwX--.

I'm opening another thread on that subject.

Cheers,
David.

Re: What should I put inside the file called wlan0?

[David Wright]

On Thu 03 Mar 2022 at 19:44:35 (+0100), Stella Ashburne wrote:
> From: "David Wright" 
> >
> > In addition, when using "source-directory"¹, you can leave all the
> > configuration files in place, and deactivate them by, say, adding
> > a disallowed character to their filenames, rather than having to
> > remove them.
> > 
> Can you give me an example of (sic) adding a disallowed character to their 
> filenames? Does Linux permit the use of forbidden characters in filenames?
> 
> > BTW, I would add that, though I have a reputation with the OP for
> > not recommending man pages,
> > 
> Most of the man pages don't provide an example for each option or argument 
> mentioned therein.

I would maintain that the examples in   man interfaces
and /usr/share/doc/ifupdown/examples/network-interfaces
cover the area pretty well, assuming you're actually
using ifupdown (which you disputed at one point).

> >   But one of my first actions on any new
> >   installation is to overwrite the networking files.
> > 
> Would you like to elaborate please?

Frequently, I have installed wireless machines with ethernet,
which leaves behind an /e/n/i file for ifupdown to read. Up
until buster, I used wicd to configure the network (both wifi
and wired), so I would immediately overwrite /e/n/i with:

$ cat /etc/network/interfaces
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
$ 

otherwise wicd will think that some other application is
configuring any interfaces contained therein.

The upshot is that I don't have an unmodified copy of
/e/n/i to check on my statement re source/source-directory.
What I did check was /var/lib/dpkg/info/ifupdown.postinst,
which is alleged to create the file during instalation.

$ diff -U0 /tmp/bull/ifupdown.postinst /tmp/bust/ifupdown.postinst 
--- /tmp/bull/ifupdown.postinst 2020-11-04 00:37:13.0 -0600
+++ /tmp/bust/ifupdown.postinst 2019-01-28 14:37:33.0 -0600
@@ -23 +23 @@
-  echo "source /etc/network/interfaces.d/*" >> /etc/network/interfaces
+  echo "source-directory /etc/network/interfaces.d" >> 
/etc/network/interfaces
@@ -30 +30 @@
-# Automatically added by dh_installdeb/13.2.1
+# Automatically added by dh_installdeb/12
@@ -41 +41 @@
-# Automatically added by dh_installinit/13.2.1
+# Automatically added by dh_installinit/12
@@ -48 +48 @@
-# Automatically added by dh_installsystemd/13.2.1
+# Automatically added by dh_installsystemd/12
@@ -65 +65 @@
-# Automatically added by dh_installsystemd/13.2.1
+# Automatically added by dh_installsystemd/12
$ 

Cheers,
David.

Re: What should I put inside the file called wlan0?

[tomas]

On Thu, Mar 03, 2022 at 07:44:35PM +0100, Stella Ashburne wrote:
> Mon cheri
> 
> > Sent: Thursday, March 03, 2022 at 11:50 PM
> > From: "David Wright" 

[...]

> > In addition, when using "source-directory"¹, you can leave all the
> > configuration files in place, and deactivate them by, say, adding
> > a disallowed character to their filenames, rather than having to
> > remove them.
> > 
> Can you give me an example of (sic) adding a disallowed character to their 
> filenames? Does Linux permit the use of forbidden characters in filenames?

I think David meant "disallowed wrt the 'source-directory' statement
in the interfaces file. The man page (man 5 interfaces) has this to
say:

  "Similarly,  "source-directory"  keyword is used to source
  multiple files at once, without specifying them individually
  or using shell globs. Additionally, when "source-directory"
  is used, names of the files are checked to match the following
  regular expression: ^[a-zA-Z0-9_-]+$. In other words, the
  names must consist entirely of ASCII upper- and lower-case
  letters, ASCII digits,  ASCII  underscores, and ASCII minus-
  hyphens."

I.e. all other characters would be "disallowed" in this context.
E.g. renaming "my-cool-interface" to "#my-cool-interface" would
exclude it from being included by a "source-directory" statement.

As to your other question, that would depend on the file system,
but as far as Linux is concerned, only the slash "/" and the
NULL character are taboo for file names.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[Brian]

On Thu 03 Mar 2022 at 19:51:02 +0100, Stella Ashburne wrote:

> Mon cheri
> 
> > Sent: Friday, March 04, 2022 at 2:43 AM
> > From: "Brian" 
> > To: debian-user@lists.debian.org
> > Subject: Re: What should I put inside the file called wlan0?
> >
> >
> > Indeed I do. ifupdown handles the lo interface without them.
> >
> > --
> > Brian.
> >
> Thanks but I don't use ifupdown. Does that mean that I can't omit the 
> following lines?
> 
> # The loopback network interface
> auto lo
> iface lo inet loopback

You are using /etc/network/interfaces. Therefore you use ifupdowm.

  apt show ifupdown
  dpkg -L ifupdown

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Mon cheri

> Sent: Friday, March 04, 2022 at 2:40 AM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> So, having been given extensive advice in this thread - what is your
> plan of action?
>
> --
> Brian.
>
Firstly, I appreciate the advice that you chaps have given me.

Secondly, I shall edit/amend the /etc/network/interfaces file and the one in 
/etc/network/interfaces.d/brian based on your recommendations.

Best wishes.

Stella

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Mon cheri

> Sent: Friday, March 04, 2022 at 2:43 AM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> Indeed I do. ifupdown handles the lo interface without them.
>
> --
> Brian.
>
Thanks but I don't use ifupdown. Does that mean that I can't omit the following 
lines?

# The loopback network interface
auto lo
iface lo inet loopback


Best wishes.

Stella

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Mon cheri

> Sent: Thursday, March 03, 2022 at 11:50 PM
> From: "David Wright" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> In addition, when using "source-directory"¹, you can leave all the
> configuration files in place, and deactivate them by, say, adding
> a disallowed character to their filenames, rather than having to
> remove them.
> 
Can you give me an example of (sic) adding a disallowed character to their 
filenames? Does Linux permit the use of forbidden characters in filenames?

> BTW, I would add that, though I have a reputation with the OP for
> not recommending man pages,
> 
Most of the man pages don't provide an example for each option or argument 
mentioned therein.

>   But one of my first actions on any new
>   installation is to overwrite the networking files.
> 
Would you like to elaborate please?

Best wishes.

Stella

Re: What should I put inside the file called wlan0?

[Brian]

On Thu 03 Mar 2022 at 19:38:07 +0100, Stella Ashburne wrote:

[Snip]

> Did you mean to tell me that the following lines can be omitted from both 
> /etc/network/interfaces AND /etc/network/interfaces.d/brian ?
> 
> # The loopback network interface
> auto lo
> iface lo inet loopback

Indeed I do. ifupdown handles the lo interface without them.

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Brian]

On Thu 03 Mar 2022 at 19:23:43 +0100, Stella Ashburne wrote:

> Mon cheri
> 
> > Sent: Thursday, March 03, 2022 at 7:22 PM
> > From: "Tim Woodall" 
> > To: "Stella Ashburne" 
> > Cc: debian-user@lists.debian.org
> > Subject: Re: What should I put inside the file called wlan0?
> >
> > If you only have one interface then it probably doesn't make much
> > difference whether you leave it in interfaces or move it to
> > interfaces.d/
> >
> Thank for your clarification.

So, having been given extensive advice in this thread - what is your
plan of action?

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Note: This reply is addressed specifically to Brian.

Mon cheri

> Sent: Thursday, March 03, 2022 at 1:59 AM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> (Nothing to do with your question but these two lines are superfluous:
>
> auto lo
> iface lo inet loopback).
>
> --
> Brian.
>
I just remembered I should seek more clarification about your above remark.

The contents of my /etc/network/interfaces file are:



# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug enp2s0
iface enp6s0 inet static
address 192.168.1.77/24
gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 1.1.1.1 8.8.8.8



while in /etc/network/interfaces.d/brian they are:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug wlp7s0
iface wlp7s0 inet static
wpa-ssid JupiterRising
wpa-psk (a long string of alphanumeric characters)
address 192.168.1.99/24
gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 1.1.1.1 8.8.8.8

Did you mean to tell me that the following lines can be omitted from both 
/etc/network/interfaces AND /etc/network/interfaces.d/brian ?

# The loopback network interface
auto lo
iface lo inet loopback


Best wishes.

Stella

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Mon cheri

> Sent: Thursday, March 03, 2022 at 7:22 PM
> From: "Tim Woodall" 
> To: "Stella Ashburne" 
> Cc: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> If you only have one interface then it probably doesn't make much
> difference whether you leave it in interfaces or move it to
> interfaces.d/
>
Thank for your clarification.

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[David Wright]

On Wed 02 Mar 2022 at 17:59:07 (+), Brian wrote:
> On Wed 02 Mar 2022 at 09:01:55 +0100, Stella Ashburne wrote:
> > From: "David Wright" 
> > >
> > > As long as you have "source /etc/network/interfaces.d/*" in your
> > > /e/n/interfaces file, then you can call the file wlp7s0, or wlp3s0,
> > > or anything else, and it will be read. That line in quotes is now
> > > the default in Debian.
> > 
> > Just so to be clear..
> > 
> > The contents of my /etc/network/interfaces file are:

[ … ]

> > Are you saying that my /etc/network/interfaces file may look like the 
> > following so long as the line "source /etc/network/interfaces.d/*" (without 
> > quotes) is present?
> 
> Correct, although I do nit understand what you gain from using
> /etc/network/interfaces.d/.

It allows you to configure each interface for each network in
individual files, which simplifies adding/removing/editing them
(or tailoring their permissions).

In addition, when using "source-directory"¹, you can leave all the
configuration files in place, and deactivate them by, say, adding
a disallowed character to their filenames, rather than having to
remove them.

More and more of the system configuration files are being split up
in this manner.

BTW, I would add that, though I have a reputation with the OP for
not recommending man pages, the paragraph in   man interfaces
that's headed "INCLUDING OTHER FILES" should make it very clear
what the relationship is between the /e/n/interfaces file itself
and any files placed in the /e/n/interfaces.d/ directory.

¹ I think source-directory was the default with buster, looking
  at the netinst ISO. But one of my first actions on any new
  installation is to overwrite the networking files.

Cheers,
David.

Re: wikis: moin-moin : plain text (was: Re: What should I put inside the file called wlan0?)

[Tim Woodall]

On Thu, 3 Mar 2022, rhkra...@gmail.com wrote:


On Tuesday, March 01, 2022 10:34:40 AM Tim Woodall wrote:

I now discover that
moinmoin is no longer in bullseye so my wiki-pages about it are all gone


I don't remember many details about moin-moin (is there a dash?), but many
(most?) wikis have text stored in an almost plain text form (possibly with
some amount of various varieties of markup).

If you can find the data file(s) you might try reading and searching them with a
plain text editor.

Aside: One of the goals of my  wiki / askSam workalike (being developed, but
at least one usable iteration (by me ;-) ) is to allow me to keep text files
(with markup) on my local computer (for searching and editing) and allowing
those to be easily uploaded (and downloaded when changes have been made
online) to an online wiki (Foswiki / TWiki),



Oh, I can definitely recover it, just that I no longer have a buster
machine to quickly get it up again. I missed testing this during the
buster->bullseye upgrade and I've now got another project eating up my
spare time so setting up a new machine and getting it working again
needs to be "scheduled"

There isn't much there anyway, it's a fairly recent thing, but I'd
started to migrate my note taking to it (I chose moinmoin on the grounds
that the debian wiki uses it so I guessed it wasn't likely to be
dropped...)

My setup was (like everything I do :-P) unnecessarily complex so I
either have to roll the machine back that supported it to the
pre-bullseye backup or allow a weekend to get everything setup again on
a new machine - which includes things like firewall rules, dns and
goodness knows what else. I think I have a moinmoin page telling me
how I set it up. :-O

Re: wikis: moin-moin : plain text (was: Re: What should I put inside the file called wlan0?)

[Greg Wooledge]

On Thu, Mar 03, 2022 at 08:39:33AM -0500, rhkra...@gmail.com wrote:
> On Tuesday, March 01, 2022 10:34:40 AM Tim Woodall wrote:
> > I now discover that
> > moinmoin is no longer in bullseye so my wiki-pages about it are all gone
> 
> I don't remember many details about moin-moin (is there a dash?), but many 
> (most?) wikis have text stored in an almost plain text form (possibly with 
> some amount of various varieties of markup).

MoinMoin does indeed store its articles in plain text files.  This is
very much unlike Mediawiki, which stores them in a MySQL (or other)
database.

There is no fixed location for where pages in a MoinMoin wiki are
stored.  The person who sets up the wiki chooses everything (which
makes maintenance steps inconvenient, as the documentation never tells
you where to go or exactly what to type; you have to do a bunch of
substitutions and interpolations yourself).

The Debian package would have been "set up" by the Debian maintainer,
but I don't know what choices they made.

I set up mine to live in /var/moin, so I have a layout like this:

root@remote:/var/moin/data/pages# ls BashFAQ\(2f\)113/revisions
0001  0002  0003  0004  0005  0006
root@remote:/var/moin/data/pages# file BashFAQ\(2f\)113/revisions/0006
BashFAQ(2f)113/revisions/0006: ASCII text, with very long lines, with CRLF 
line terminators

So, in general, you're looking for the root directory of your wiki.
Underneath that, there should be a data directory, then under that is
pages, and under that are all the individual pages' directories, with
various punctuation characters in the page names converted to (xx)
hexadecimal notation.  Inside *that* is a revisions subdirectory, and
in there are the files containing actual page text, one whole file for
each revision of the page.  No compression, no diffs or incremental
storage, or anything.  Whole copies.

wikis: moin-moin : plain text (was: Re: What should I put inside the file called wlan0?)

[rhkramer]

On Tuesday, March 01, 2022 10:34:40 AM Tim Woodall wrote:
> I now discover that
> moinmoin is no longer in bullseye so my wiki-pages about it are all gone

I don't remember many details about moin-moin (is there a dash?), but many 
(most?) wikis have text stored in an almost plain text form (possibly with 
some amount of various varieties of markup).

If you can find the data file(s) you might try reading and searching them with 
a 
plain text editor.

Aside: One of the goals of my  wiki / askSam workalike (being developed, but 
at least one usable iteration (by me ;-) ) is to allow me to keep text files 
(with markup) on my local computer (for searching and editing) and allowing 
those to be easily uploaded (and downloaded when changes have been made 
online) to an online wiki (Foswiki / TWiki), 

Re: What should I put inside the file called wlan0?

[Tim Woodall]

On Thu, 3 Mar 2022, Stella Ashburne wrote:


Dearie


Sent: Thursday, March 03, 2022 at 1:59 AM
From: "Brian" 
To: debian-user@lists.debian.org
Subject: Re: What should I put inside the file called wlan0?

On Wed 02 Mar 2022 at 09:01:55 +0100, Stella Ashburne wrote:


Are you saying that my /etc/network/interfaces file may look like the following so long 
as the line "source /etc/network/interfaces.d/*" (without quotes) is present?


Correct, although I do nit understand what you gain from using
/etc/network/interfaces.d/.



Please surf to https://wiki.debian.org/WiFi/HowToUse, sub-heading "WPA-PSK and 
WPA2-PSK", paragraph 1 which states:

1. Restrict the permissions of /etc/network/interfaces, to prevent pre-shared 
key (PSK) disclosure (alternatively use a separate config file such as 
/etc/network/interfaces.d/wlan0 on newer Debian versions):




If you only have one interface then it probably doesn't make much
difference whether you leave it in interfaces or move it to
interfaces.d/

I prefer interfaces.d/ but I have some machines with lots of interfaces
to configure. I also do quite a lot of maintenance programmatically and
it's much easier to work with separate files than have to find the
correct bit in one long file.


This is orthogonal to the permissions thing. If you do not want your
WiFi password to be in a world readable file then you should ensure that
the file that contains your password isn't world readable.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Thursday, March 03, 2022 at 1:59 AM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> On Wed 02 Mar 2022 at 09:01:55 +0100, Stella Ashburne wrote:
>
> > Are you saying that my /etc/network/interfaces file may look like the 
> > following so long as the line "source /etc/network/interfaces.d/*" (without 
> > quotes) is present?
>
> Correct, although I do nit understand what you gain from using
> /etc/network/interfaces.d/.
>

Please surf to https://wiki.debian.org/WiFi/HowToUse, sub-heading "WPA-PSK and 
WPA2-PSK", paragraph 1 which states:

1. Restrict the permissions of /etc/network/interfaces, to prevent pre-shared 
key (PSK) disclosure (alternatively use a separate config file such as 
/etc/network/interfaces.d/wlan0 on newer Debian versions):


>
> (Nothing to do with your question but these two lines are superfluous:
>
> auto lo
> iface lo inet loopback).
>
Thanks, dearie, for your tip.

Best wishes

Stella

Re: What should I put inside the file called wlan0?

[Brian]

On Wed 02 Mar 2022 at 09:01:55 +0100, Stella Ashburne wrote:

> Dearie
> 
> > Sent: Wednesday, March 02, 2022 at 12:20 AM
> > From: "David Wright" 
> > To: debian-user@lists.debian.org
> > Subject: Re: What should I put inside the file called wlan0?
> >
> >
> > As long as you have "source /etc/network/interfaces.d/*" in your
> > /e/n/interfaces file, then you can call the file wlp7s0, or wlp3s0,
> > or anything else, and it will be read. That line in quotes is now
> > the default in Debian.
> >
> 
> Just so to be clear..
> 
> The contents of my /etc/network/interfaces file are:
> 
> # This file describes the network interfaces available on your system
> # and how to activate them. For more information, see interfaces(5).
> 
> source /etc/network/interfaces.d/*
> 
> # The loopback network interface
> auto lo
> iface lo inet loopback
> 
> # The primary network interface
> #allow-hotplug enp2s0
> #iface enp6s0 inet static
> # address 192.168.1.77/24
> # gateway 192.168.1.1
>   # dns-* options are implemented by the resolvconf package, if installed
> # dns-nameservers 1.1.1.1 8.8.8.8
> 
> # The primary network interface
> allow-hotplug wlp7s0
> iface wlp7s0 inet static
> wpa-ssid JupiterRising
> wpa-psk (a long string of alphanumeric characters)
> address 192.168.1.99/24
> gateway 192.168.1.1
> # dns-* options are implemented by the resolvconf package, if 
> installed
> dns-nameservers 1.1.1.1 8.8.8.8
> 
> If I have a file called dave in /etc/network/interfaces.d/ and its contents 
> are:
> 
> 
> 
> # The primary network interface
> allow-hotplug wlp7s0
> iface wlp7s0 inet static
> wpa-ssid JupiterRising
> wpa-psk (a long string of alphanumeric characters)
> address 192.168.1.99/24
> gateway 192.168.1.1
> # dns-* options are implemented by the resolvconf package, if 
> installed
> dns-nameservers 1.1.1.1 8.8.8.8
> 
> 
> Are you saying that my /etc/network/interfaces file may look like the 
> following so long as the line "source /etc/network/interfaces.d/*" (without 
> quotes) is present?

Correct, although I do nit understand what you gain from using
/etc/network/interfaces.d/.

> # This file describes the network interfaces available on your system
> # and how to activate them. For more information, see interfaces(5).
> 
> source /etc/network/interfaces.d/*
> 
> # The loopback network interface
> auto lo
> iface lo inet loopback
> 
> # The primary network interface
> #allow-hotplug enp2s0
> #iface enp6s0 inet static
> # address 192.168.1.77/24
> # gateway 192.168.1.1
>   # dns-* options are implemented by the resolvconf package, if installed
> # dns-nameservers 1.1.1.1 8.8.8.

(Nothing to do with your question but these two lines are superfluous:

auto lo
iface lo inet loopback).

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Wednesday, March 02, 2022 at 12:20 AM
> From: "David Wright" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> As long as you have "source /etc/network/interfaces.d/*" in your
> /e/n/interfaces file, then you can call the file wlp7s0, or wlp3s0,
> or anything else, and it will be read. That line in quotes is now
> the default in Debian.
>

Just so to be clear..

The contents of my /etc/network/interfaces file are:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#allow-hotplug enp2s0
#iface enp6s0 inet static
#   address 192.168.1.77/24
#   gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
#   dns-nameservers 1.1.1.1 8.8.8.8

# The primary network interface
allow-hotplug wlp7s0
iface wlp7s0 inet static
wpa-ssid JupiterRising
wpa-psk (a long string of alphanumeric characters)
address 192.168.1.99/24
gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 1.1.1.1 8.8.8.8

If I have a file called dave in /etc/network/interfaces.d/ and its contents are:



# The primary network interface
allow-hotplug wlp7s0
iface wlp7s0 inet static
wpa-ssid JupiterRising
wpa-psk (a long string of alphanumeric characters)
address 192.168.1.99/24
gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 1.1.1.1 8.8.8.8


Are you saying that my /etc/network/interfaces file may look like the following 
so long as the line "source /etc/network/interfaces.d/*" (without quotes) is 
present?



# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#allow-hotplug enp2s0
#iface enp6s0 inet static
#   address 192.168.1.77/24
#   gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
#   dns-nameservers 1.1.1.1 8.8.8.8



> BTW does this mean you've given up on iwd?
>
For the moment, yes. I encountered the same problems when I tried iwd on Fedora 
35. The folks of Fedora community were unable to help me fix it. Thanks for 
asking, mon cher.

Best wishes

Stella

Re: What should I put inside the file called wlan0?

[Ash Joubert]

On 01/03/2022 12:44, Brian wrote:

On Tue 01 Mar 2022 at 10:36:54 +1300, Ash Joubert wrote:

On 01/03/2022 09:25, Nicolas George wrote:

In typical domestic settings, the wifi password is on a post-it near the
access point, safe from neighbors but convenient for guests.

For even greater convenience, especially for those of us who inflict long
randomly-generated passphrases on our guests, you can provide a QR code that
works with most mobile devices:
qrencode -s 20 -o wifi.png "WIFI:S:Your Wifi SSID;T:WPA;P:Your Wifi
Passphrase;;"

Very nice. Does that work when the code is onscreen and/or printed on
paper?


Yes, both. I have made QR codes for paper and have also scanned them 
from my desktop and from my phone (just like Google Pay passes). I used 
LibreOffice Writer to place my WiFi QR codes alongside identifying 
information on a single page for printing. Smart phones seem to have no 
problem reading them from paper or screens.


QR codes are designed to work in dirty industrial environments. Another 
nice trick is to use "qrencode -l h" to encode a high level of 
redundancy so that ~30% of the QR code can be overwritten with a logo or 
other artwork such as a WiFi symbol.


Kind regards,

--
Ash Joubert 
Director
Transient Software Limited 
New Zealand

Re: What should I put inside the file called wlan0?

[David Wright]

On Mon 28 Feb 2022 at 20:59:03 (+0100), Stella Ashburne wrote:

> The contents of my current /etc/network/interfaces file are:
> 
> # The primary network interface

↓↓↓⬇↓↓
> allow-hotplug wlp3s0
> iface wlp7s0 inet static
↑↑↑⬆↑↑

Is that really what you mean to have?

> wpa-ssid JupiterRising
> wpa-psk {a long string of alphanumeric characters}
> address 192.168.1.99/24
> gateway 192.168.1.1
> # dns-* options are implemented by the resolvconf package, if 
> installed
> dns-nameservers 1.1.1.1 8.8.8.8
> 
> Are you saying that I can cut out the above contents and paste them into a 
> file called wlp7s0 (whose path is /etc/network/interfaces.d/)?

As long as you have "source /etc/network/interfaces.d/*" in your
/e/n/interfaces file, then you can call the file wlp7s0, or wlp3s0,
or anything else, and it will be read. That line in quotes is now
the default in Debian.

BTW does this mean you've given up on iwd?

Cheers,
David.

Re: What should I put inside the file called wlan0?

[Tim Woodall]

On Tue, 1 Mar 2022, Greg Wooledge wrote:


On Tue, Mar 01, 2022 at 02:42:29PM +, Tim Woodall wrote:

My /etc/network/interfaces has:
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d


Did you write this file yourself, or are you using something other
than Debian?  Just curious.

unicorn:~$ grep interfaces /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*




I was going to say I almost certainly wrote it myself as this machine
has been continuously upgraded going back to the dark ages. However, now
I check every single machine uses this and I cannot see where I have
manually configured it. I use my own installer - and I now discover that
moinmoin is no longer in bullseye so my wiki-pages about it are all gone
:-(

But when I look at the ifupdown.postinst script for buster I see:
# Generic stuff done on all configurations
if [ "$1" = "configure" ] ; then
  # We don't need loopback interface definition anymore as
  # ifupdown handles loopback interface on its own from now
  if [ ! -f /etc/network/interfaces ] ; then
if [ -z "$2" ]; then
  echo "Creating /etc/network/interfaces."
  echo "# interfaces(5) file used by ifup(8) and ifdown(8)" >
/etc/network/interfaces
  echo "# Include files from /etc/network/interfaces.d:" >>
/etc/network/interfaces
  echo "source-directory /etc/network/interfaces.d" >>
/etc/network/interfaces
else
  report_warn "/etc/network/interfaces does not exist"
fi
  fi
fi

So it looks like it changed for bullseye and as I have not installed a
machine from scratch for bullseye yet I've not seen the latest variant.

Re: What should I put inside the file called wlan0?

[Brian]

On Tue 01 Mar 2022 at 15:25:52 +0100, Stella Ashburne wrote:

> Dearie
> 
> > Sent: Tuesday, March 01, 2022 at 8:13 PM
> > From: "Brian" 
> > To: debian-user@lists.debian.org
> > Subject: Re: What should I put inside the file called wlan0?
> >
> >
> > /e/n/i may contain PSKs for networks other than the home network;
> > friens, relatives, work etc. A user, having been trusted with them,
> > may see it as an obligation not to make *them* easily accessible.
> >
> > --
> By /e/n/i did you mean /etc/network/interfaces or /etc/network/interfaces.d  ?

The first.

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Greg Wooledge]

On Tue, Mar 01, 2022 at 02:42:29PM +, Tim Woodall wrote:
> My /etc/network/interfaces has:
> # interfaces(5) file used by ifup(8) and ifdown(8)
> # Include files from /etc/network/interfaces.d:
> source-directory /etc/network/interfaces.d

Did you write this file yourself, or are you using something other
than Debian?  Just curious.

unicorn:~$ grep interfaces /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*

Re: What should I put inside the file called wlan0?

[tomas]

On Tue, Mar 01, 2022 at 08:37:15AM -0600, David Wright wrote:

[...]

> I think you need to triple-check then. The Debian default line is

(note to self: triple-check next time ;-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[tomas]

On Tue, Mar 01, 2022 at 09:11:46AM -0500, Stefan Monnier wrote:
> to...@tuxteam.de [2022-03-01 07:35:20] wrote:
> > I see.  As others have already noted in this thread, your WiFi PSK
> > isn't usually a high-value secret; besides, if someone has access
> > to your computer, she typically has more valuable things to look
> > for.
> 
> OTOH, by putting barriers only at those places where we can think
> of attack scenarios we end up with rampant security issues, because
> attacks are more diverse/creative than we can ever be.

Definitely. 

I think the most important thing to keep around is "context matters", which
more or less corresponds to what secuity buffs call "threat model". What
kind of stuff are you trying to defend against?

 - Is it only your home's access point's secret key what is at stake, or
   your friend's, workplace's, etc?

 - Are you defending against your computer "at rest" being stolen (in
   which case perhaps a full disk encryption might Just Do (TM) or are
   you defending against some javascript-vectored trojan coming in
   via your browser (or some macro through some *cough* text processing
   software)?

And so on. Security can be very amusing :-)

This permission based securisation carries over many things from the
good ol' times of real multiuser systems. Now of course it's one road
bump more: should my browser ask me for my password I'd tend to kill
it right away; most folks wouldn't be that cruel :-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[Tim Woodall]

On Tue, 1 Mar 2022, Stella Ashburne wrote:


Dearie

Thanks for your clarification.


Sent: Tuesday, March 01, 2022 at 8:16 PM
From: "Tim Woodall" 
To: "Stella Ashburne" 
Cc: debian-user@lists.debian.org
Subject: Re: What should I put inside the file called wlan0?

On Mon, 28 Feb 2022, Stella Ashburne wrote:


Dearie,

Thanks for your reply.


Sent: Tuesday, March 01, 2022 at 3:10 AM
From: to...@tuxteam.de
To: debian-user@lists.debian.org
Subject: Re: What should I put inside the file called wlan0?



Are you saying that I can cut out the above contents and paste them into a file 
called wlp7s0 (whose path is /etc/network/interfaces.d/)?



Yes, but you need to have this in /e/n/i



Did you mean /etc/network/interfaces AND /etc/network/interfaces.d/wlp3s0 each 
must have the following contents:

# The primary network interface
allow-hotplug wlp3s0
iface wlp3s0 inet static
  wpa-ssid JupiterRising
  wpa-psk {a long string of alphanumeric characters}
  address 192.168.1.99/24
  gateway 192.168.1.1
  # dns-* options are implemented by the resolvconf package, if installed
  dns-nameservers 1.1.1.1 8.8.8.8



source-directory /etc/network/interfaces.d


What did you mean by source-directory /etc/network/interfaces.d ? I am a bit 
confused.

Best regards.

Stella





My /etc/network/interfaces has:
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d


and then in /etc/network/interfaces.d I have a separate file for each
interface I want to configure.

Re: What should I put inside the file called wlan0?

[David Wright]

On Tue 01 Mar 2022 at 13:22:37 (+0100), to...@tuxteam.de wrote:
> On Tue, Mar 01, 2022 at 12:16:44PM +, Tim Woodall wrote:
> > On Mon, 28 Feb 2022, Stella Ashburne wrote:
> 
> [...]
> 
> > > # The primary network interface
> > > allow-hotplug wlp3s0
> > > iface wlp7s0 inet static
> > >wpa-ssid JupiterRising
> > >wpa-psk {a long string of alphanumeric characters}
> > >address 192.168.1.99/24
> > >gateway 192.168.1.1
> > ># dns-* options are implemented by the resolvconf package, if 
> > > installed
> > >dns-nameservers 1.1.1.1 8.8.8.8
> > > 
> > > Are you saying that I can cut out the above contents and paste them into 
> > > a file called wlp7s0 (whose path is /etc/network/interfaces.d/)?
> > > 
> > 
> > Yes, but you need to have this in /e/n/i
> > 
> > source-directory /etc/network/interfaces.d
> 
> That's correct. This line is by default there on (sufficiently recent)
> Debians (yes, this time I double-checked ;-)

I think you need to triple-check then. The Debian default line is

  source /etc/network/interfaces.d/*

which relaxes the restrictions on filename patterns that are
read by source-directory /etc/network/interfaces.d.

Cheers,
David.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

Thanks for your clarification.

> Sent: Tuesday, March 01, 2022 at 8:16 PM
> From: "Tim Woodall" 
> To: "Stella Ashburne" 
> Cc: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> On Mon, 28 Feb 2022, Stella Ashburne wrote:
>
> > Dearie,
> >
> > Thanks for your reply.
> >
> >> Sent: Tuesday, March 01, 2022 at 3:10 AM
> >> From: to...@tuxteam.de
> >> To: debian-user@lists.debian.org
> >> Subject: Re: What should I put inside the file called wlan0?
> >
> >
> > Are you saying that I can cut out the above contents and paste them into a 
> > file called wlp7s0 (whose path is /etc/network/interfaces.d/)?
> >
>
> Yes, but you need to have this in /e/n/i
>

Did you mean /etc/network/interfaces AND /etc/network/interfaces.d/wlp3s0 each 
must have the following contents:

# The primary network interface
allow-hotplug wlp3s0
iface wlp3s0 inet static
   wpa-ssid JupiterRising
   wpa-psk {a long string of alphanumeric characters}
   address 192.168.1.99/24
   gateway 192.168.1.1
   # dns-* options are implemented by the resolvconf package, if installed
   dns-nameservers 1.1.1.1 8.8.8.8


> source-directory /etc/network/interfaces.d
>
What did you mean by source-directory /etc/network/interfaces.d ? I am a bit 
confused.

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Tuesday, March 01, 2022 at 8:13 PM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> /e/n/i may contain PSKs for networks other than the home network;
> friens, relatives, work etc. A user, having been trusted with them,
> may see it as an obligation not to make *them* easily accessible.
>
> --
By /e/n/i did you mean /etc/network/interfaces or /etc/network/interfaces.d  ?

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[tomas]

On Tue, Mar 01, 2022 at 12:16:44PM +, Tim Woodall wrote:
> On Mon, 28 Feb 2022, Stella Ashburne wrote:

[...]

> > # The primary network interface
> > allow-hotplug wlp3s0
> > iface wlp7s0 inet static
> >wpa-ssid JupiterRising
> >wpa-psk {a long string of alphanumeric characters}
> >address 192.168.1.99/24
> >gateway 192.168.1.1
> ># dns-* options are implemented by the resolvconf package, if 
> > installed
> >dns-nameservers 1.1.1.1 8.8.8.8
> > 
> > Are you saying that I can cut out the above contents and paste them into a 
> > file called wlp7s0 (whose path is /etc/network/interfaces.d/)?
> > 
> 
> Yes, but you need to have this in /e/n/i
> 
> source-directory /etc/network/interfaces.d

That's correct. This line is by default there on (sufficiently recent)
Debians (yes, this time I double-checked ;-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[Tim Woodall]

On Mon, 28 Feb 2022, Stella Ashburne wrote:


Dearie,

Thanks for your reply.


Sent: Tuesday, March 01, 2022 at 3:10 AM
From: to...@tuxteam.de
To: debian-user@lists.debian.org
Subject: Re: What should I put inside the file called wlan0?


So if you have this in your /etc/network/interfaces somewhere:

  ...
  ## Bahn ICE
  iface wlan0 inet dhcp
wireless-essid WIFIonICE
wireless-mode Auto
  ...

(it's actually my current setting, BTW :) you could swap that
out to some file under interfaces.d.


The contents of my current /etc/network/interfaces file are:

# The primary network interface
allow-hotplug wlp3s0
iface wlp7s0 inet static
   wpa-ssid JupiterRising
   wpa-psk {a long string of alphanumeric characters}
   address 192.168.1.99/24
   gateway 192.168.1.1
   # dns-* options are implemented by the resolvconf package, if installed
   dns-nameservers 1.1.1.1 8.8.8.8

Are you saying that I can cut out the above contents and paste them into a file 
called wlp7s0 (whose path is /etc/network/interfaces.d/)?



Yes, but you need to have this in /e/n/i

source-directory /etc/network/interfaces.d

Re: What should I put inside the file called wlan0?

[Brian]

On Tue 01 Mar 2022 at 07:35:20 +0100, to...@tuxteam.de wrote:

> On Mon, Feb 28, 2022 at 10:43:52PM +0100, Stella Ashburne wrote:
> > Dearie
> 
> [...]
> 
> > According to Debian Wiki WiFi How To Use 
> > (https://wiki.debian.org/WiFi/HowToUse), the reason for doing the split is:
> > 
> > (sic) Restrict the permissions of /etc/network/interfaces, to prevent 
> > pre-shared key (PSK) disclosure
> 
> I see. As others have already noted in this thread, your WiFi PSK
> isn't usually a high-value secret; besides, if someone has access
> to your computer, she typically has more valuable things to look
> for.

/e/n/i may contain PSKs for networks other than the home network;
friens, relatives, work etc. A user, having been trusted with them,
may see it as an obligation not to make *them* easily accessible.

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Tuesday, March 01, 2022 at 3:49 PM
> From: "Markus Schönhaber" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> 
> No, 475 is the file's size.
> The numeric value for the permission "-rw-r--r--" is 0644.
> stat /etc/network/interfaces
> will show you that.
> 
Thanks.

Stella

Re: What should I put inside the file called wlan0?

[Nicolas George]

Brian (12022-02-28):
> > First, ask yourself: Do you really need to protect your wifi password
> > from the users of your own computer?
> Aren't you assuming the machine is always in a safe environment?

No, I am not assuming anything when I start the sentence with “ask
yourself”.

-- 
  Nicolas George


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[Curt]

On 2022-02-28, Brian  wrote:
>> 
>> qrencode -s 20 -o wifi.png "WIFI:S:Your Wifi SSID;T:WPA;P:Your Wifi
>> Passphrase;;"
>
> Very nice. Does that work when the code is onscreen and/or printed on
> paper?
>

Yes.

Re: What should I put inside the file called wlan0?

[Markus Schönhaber]

01.03.22, 06:04 +0100, Stella Ashburne:


Sent: Tuesday, March 01, 2022 at 7:18 AM
From: "Brian" 
To: debian-user@lists.debian.org
Subject: Re: What should I put inside the file called wlan0?

Om all my systems:

brian@5740:~$ ls -l /etc/network/interfaces
-rw-r--r-- 1 root root 475 Nov  3 19:23 /etc/network/interfaces


So the default chmod value of /etc/network/interfaces is 475 ?


No, 475 is the file's size.
The numeric value for the permission "-rw-r--r--" is 0644.
stat /etc/network/interfaces
will show you that.

--
Regards
  mks

Re: What should I put inside the file called wlan0?

[tomas]

On Mon, Feb 28, 2022 at 11:18:25PM +, Brian wrote:

[...]

> Om all my systems:
> 
> brian@5740:~$ ls -l /etc/network/interfaces
> -rw-r--r-- 1 root root 475 Nov  3 19:23 /etc/network/interfaces

That's absolutely right. I already posted a correction, but it
doesn't seem to have made it through.

Sorry for that brain fart.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[tomas]

On Mon, Feb 28, 2022 at 10:43:52PM +0100, Stella Ashburne wrote:
> Dearie

[...]

> According to Debian Wiki WiFi How To Use 
> (https://wiki.debian.org/WiFi/HowToUse), the reason for doing the split is:
> 
> (sic) Restrict the permissions of /etc/network/interfaces, to prevent 
> pre-shared key (PSK) disclosure

I see. As others have already noted in this thread, your WiFi PSK
isn't usually a high-value secret; besides, if someone has access
to your computer, she typically has more valuable things to look
for.

One might construct scenarios: having a quick look at your laptop
in the bar while you are in the restroom, then stealing your bandwidth
(or doing nasty things from your access point's IP). But hey.

That said, you're your network's boss, so it's on you to decide.
There might be reasons to not reveal it (or, let's be realistic, to
make access to it a bit more difficult).

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dear Ash

> Sent: Tuesday, March 01, 2022 at 5:36 AM
> From: "Ash Joubert" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> qrencode -s 20 -o wifi.png "WIFI:S:Your Wifi SSID;T:WPA;P:Your Wifi
> Passphrase;;"
>
Thanks for the tip.

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Tuesday, March 01, 2022 at 7:18 AM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> Om all my systems:
>
> brian@5740:~$ ls -l /etc/network/interfaces
> -rw-r--r-- 1 root root 475 Nov  3 19:23 /etc/network/interfaces
>
So the default chmod value of /etc/network/interfaces is 475 ?

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[Brian]

On Tue 01 Mar 2022 at 10:36:54 +1300, Ash Joubert wrote:

> On 01/03/2022 09:25, Nicolas George wrote:
> > In typical domestic settings, the wifi password is on a post-it near the
> > access point, safe from neighbors but convenient for guests.
> 
> For even greater convenience, especially for those of us who inflict long
> randomly-generated passphrases on our guests, you can provide a QR code that
> works with most mobile devices:
> 
> qrencode -s 20 -o wifi.png "WIFI:S:Your Wifi SSID;T:WPA;P:Your Wifi
> Passphrase;;"

Very nice. Does that work when the code is onscreen and/or printed on
paper?

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Brian]

On Mon 28 Feb 2022 at 21:25:01 +0100, Nicolas George wrote:

> Stella Ashburne (12022-02-28):
> > I quote from Debian Wiki (https://wiki.debian.org/WiFi/HowToUse) :
> > 
> > "Restrict the permissions of /etc/network/interfaces, to prevent pre-shared 
> > key (PSK) disclosure (alternatively use a separate config file such as 
> > /etc/network/interfaces.d/wlan0 on newer Debian versions): "
> 
> First, ask yourself: Do you really need to protect your wifi password
> from the users of your own computer?

Aren't you assuming the machine is always in a safe environment?

> In typical domestic settings, the wifi password is on a post-it near the
> access point, safe from neighbors but convenient for guests.

My guests' eyes glaze over when they are given a 63 character random 
passphrase to type in :). Then they put me to the trouble of mailing
to them.

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Brian]

On Mon 28 Feb 2022 at 21:17:25 +0100, Stella Ashburne wrote:

> Dearie,
> 
> > Sent: Tuesday, March 01, 2022 at 4:08 AM
> > From: "Brian" 
> > To: debian-user@lists.debian.org
> > Subject: Re: What should I put inside the file called wlan0?
> >
> >
> > You do not want just anyone to read /etc/network/interfaces?
> >
> >   chmod 600 /etc/network/interfaces
> >
> That's the recommended step in said Wiki.
> 
> What's the default chmod value of /etc/network/interfaces?

Om all my systems:

brian@5740:~$ ls -l /etc/network/interfaces
-rw-r--r-- 1 root root 475 Nov  3 19:23 /etc/network/interfaces

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Ash Joubert]

On 01/03/2022 09:25, Nicolas George wrote:

In typical domestic settings, the wifi password is on a post-it near the
access point, safe from neighbors but convenient for guests.


For even greater convenience, especially for those of us who inflict 
long randomly-generated passphrases on our guests, you can provide a QR 
code that works with most mobile devices:


qrencode -s 20 -o wifi.png "WIFI:S:Your Wifi SSID;T:WPA;P:Your Wifi 
Passphrase;;"


Kind regards,

--
Ash Joubert 
Director
Transient Software Limited 
New Zealand

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Tuesday, March 01, 2022 at 4:21 AM
> From: to...@tuxteam.de
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
> On Mon, Feb 28, 2022 at 09:20:07PM +0100, to...@tuxteam.de wrote:
>
> [...]
>
> > (in Debian, at least) /etc/network/interfaces is only root-readable. So
>
If that's the case, why would Debian Wiki recommend to chmod as follows?

# chmod 0600 /etc/network/interfaces

(source: https://wiki.debian.org/WiFi/HowToUse)

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie

> Sent: Tuesday, March 01, 2022 at 4:20 AM
> From: to...@tuxteam.de
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> However, if I remember your original post correctly, there were security
> reasons mentioned (about a possibly world readable /etc/network/interfaces,
> and splitting out an .../interfaces.d/wlan0 as a fix), Note that by default
> (in Debian, at least) /etc/network/interfaces is only root-readable. So
> this wouldn't be the reason you'd want to do the split (there are other
> valid reasons, though).
>
According to Debian Wiki WiFi How To Use 
(https://wiki.debian.org/WiFi/HowToUse), the reason for doing the split is:

(sic) Restrict the permissions of /etc/network/interfaces, to prevent 
pre-shared key (PSK) disclosure

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[Nicolas George]

Stella Ashburne (12022-02-28):
> I quote from Debian Wiki (https://wiki.debian.org/WiFi/HowToUse) :
> 
> "Restrict the permissions of /etc/network/interfaces, to prevent pre-shared 
> key (PSK) disclosure (alternatively use a separate config file such as 
> /etc/network/interfaces.d/wlan0 on newer Debian versions): "

First, ask yourself: Do you really need to protect your wifi password
from the users of your own computer?

In typical domestic settings, the wifi password is on a post-it near the
access point, safe from neighbors but convenient for guests.

Regards,

-- 
  Nicolas George


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[tomas]

On Mon, Feb 28, 2022 at 09:20:07PM +0100, to...@tuxteam.de wrote:

[...]

> (in Debian, at least) /etc/network/interfaces is only root-readable. So

This is wrong (note to self: double-check things. Gah). Sorry for any
confusion.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[tomas]

On Mon, Feb 28, 2022 at 08:59:03PM +0100, Stella Ashburne wrote:
> Dearie,
> 
> Thanks for your reply.
> 
> > Sent: Tuesday, March 01, 2022 at 3:10 AM
> > From: to...@tuxteam.de
> > To: debian-user@lists.debian.org
> > Subject: Re: What should I put inside the file called wlan0?
> >
> >
> > So if you have this in your /etc/network/interfaces somewhere:
> >
> >   ...
> >   ## Bahn ICE
> >   iface wlan0 inet dhcp
> > wireless-essid WIFIonICE
> > wireless-mode Auto
> >   ...
> >
> > (it's actually my current setting, BTW :) you could swap that
> > out to some file under interfaces.d.
> 
> The contents of my current /etc/network/interfaces file are:
> 
> # The primary network interface
> allow-hotplug wlp3s0
> iface wlp7s0 inet static
> wpa-ssid JupiterRising
> wpa-psk {a long string of alphanumeric characters}
> address 192.168.1.99/24
> gateway 192.168.1.1
> # dns-* options are implemented by the resolvconf package, if 
> installed
> dns-nameservers 1.1.1.1 8.8.8.8
> 
> Are you saying that I can cut out the above contents and paste them into a 
> file called wlp7s0 (whose path is /etc/network/interfaces.d/)?

That's how I read that man page, yes (disclaimer: I haven't actually
tried).

However, if I remember your original post correctly, there were security
reasons mentioned (about a possibly world readable /etc/network/interfaces,
and splitting out an .../interfaces.d/wlan0 as a fix), Note that by default
(in Debian, at least) /etc/network/interfaces is only root-readable. So
this wouldn't be the reason you'd want to do the split (there are other
valid reasons, though).

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie,

> Sent: Tuesday, March 01, 2022 at 4:08 AM
> From: "Brian" 
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> You do not want just anyone to read /etc/network/interfaces?
>
>   chmod 600 /etc/network/interfaces
>
That's the recommended step in said Wiki.

What's the default chmod value of /etc/network/interfaces?

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[Brian]

On Mon 28 Feb 2022 at 19:49:32 +0100, Stella Ashburne wrote:

> I quote from Debian Wiki (https://wiki.debian.org/WiFi/HowToUse) :
> 
> "Restrict the permissions of /etc/network/interfaces, to prevent pre-shared 
> key (PSK) disclosure (alternatively use a separate config file such as 
> /etc/network/interfaces.d/wlan0 on newer Debian versions): "
> 
> What should I put in the file called wlan0? Said wiki does not provide 
> examples.

You do not want just anyone to read /etc/network/interfaces?

  chmod 600 /etc/network/interfaces

-- 
Brian.

Re: What should I put inside the file called wlan0?

[Stella Ashburne]

Dearie,

Thanks for your reply.

> Sent: Tuesday, March 01, 2022 at 3:10 AM
> From: to...@tuxteam.de
> To: debian-user@lists.debian.org
> Subject: Re: What should I put inside the file called wlan0?
>
>
> So if you have this in your /etc/network/interfaces somewhere:
>
>   ...
>   ## Bahn ICE
>   iface wlan0 inet dhcp
> wireless-essid WIFIonICE
> wireless-mode Auto
>   ...
>
> (it's actually my current setting, BTW :) you could swap that
> out to some file under interfaces.d.

The contents of my current /etc/network/interfaces file are:

# The primary network interface
allow-hotplug wlp3s0
iface wlp7s0 inet static
wpa-ssid JupiterRising
wpa-psk {a long string of alphanumeric characters}
address 192.168.1.99/24
gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 1.1.1.1 8.8.8.8

Are you saying that I can cut out the above contents and paste them into a file 
called wlp7s0 (whose path is /etc/network/interfaces.d/)?

Best regards.

Stella

Re: What should I put inside the file called wlan0?

[tomas]

On Mon, Feb 28, 2022 at 07:49:32PM +0100, Stella Ashburne wrote:
> I quote from Debian Wiki (https://wiki.debian.org/WiFi/HowToUse) :
> 
> "Restrict the permissions of /etc/network/interfaces, to prevent pre-shared 
> key (PSK) disclosure (alternatively use a separate config file such as 
> /etc/network/interfaces.d/wlan0 on newer Debian versions): "
> 
> What should I put in the file called wlan0? Said wiki does not provide 
> examples.

man 5 interfaces provides the relevant bits: by default, the files
in interfaces.d are (textually) included in interfaces. So each
of those files can basically have a "snippet" of what you would
put in interfaces (to avoid losing sanity, whole stanzas seem
recommendable).

So if you have this in your /etc/network/interfaces somewhere:

  ...
  ## Bahn ICE
  iface wlan0 inet dhcp
wireless-essid WIFIonICE
wireless-mode Auto
  ...

(it's actually my current setting, BTW :) you could swap that
out to some file under interfaces.d.

Cheers
-- 
t


signature.asc
Description: PGP signature

What should I put inside the file called wlan0?

[Stella Ashburne]

I quote from Debian Wiki (https://wiki.debian.org/WiFi/HowToUse) :

"Restrict the permissions of /etc/network/interfaces, to prevent pre-shared key 
(PSK) disclosure (alternatively use a separate config file such as 
/etc/network/interfaces.d/wlan0 on newer Debian versions): "

What should I put in the file called wlan0? Said wiki does not provide examples.

Best regards.

Stella