Difference between revisions of "Netctl"

From ArchWiki
Jump to: navigation, search
m (Fix typo in package link)
Line 23: Line 23:
*{{Pkg|ifenslaved}}, for bond connections
*{{Pkg|ifenslaved}}, for bond connections
*{{Pkg|bridge-utils}}, for bridge connections
*{{Pkg|bridge-utils}}, for bridge connections
*{{Pkg|ppp}, for pppoe connection
*{{Pkg|ppp}}, for pppoe connection
==Recommended Reading==
==Recommended Reading==

Revision as of 21:06, 22 March 2013

Summary help replacing me
A guide to configuring the network using netctl and network profile scripts.

Netctl is a new Arch project slated to replace netcfg. Users should regard it as the future of CLI-based network management on Arch Linux.


The netctl package is available in the official repositories. Installing netctl will replace netcfg. As of netctl version 0.7, optional dependencies include

Recommended Reading

Considerable effort has gone into the construction of quality man pages. Users are encouraged to read the following man pages prior to using netctl:

  • netctl
  • netctl.profile
  • netctl.special


netctl may be used to introspect and control the state of the systemd services for the network profile manager. Example configuration files are provided for the user to assist them in configuring their network connection. These example profiles are located in /etc/netctl/examples/. The common configurations include:

  • ethernet-dhcp
  • ethernet-static
  • wireless-wpa
  • wireless-wpa-static

To use an example profile, simply copy one of them from /etc/netctl/examples/<profile> to /etc/netctl/<profile> and configure it to your needs:

# cp /etc/netctl/examples/wireless-wpa /etc/netctl/my-wireless-wpa

Once you have created your profile, make an attempt to establish a connection using the newly created profile by running:

# netctl start <profile>

If issuing the above command results in a failure, then use journalctl -xn and netctl status <profile> in order to obtain a more in depth explanation of the failure. Make the needed corrections to the failed configuration and retest.

Once the profile is started successfully then it can be enabled using netctl enable <profile>. This will create the proper symlink for the profile to be used by netctl-auto@.service.

Note: the systemd service netctl-auto@.service will need to be enabled in order to allow automatic wireless connection at boot to become functional
Note: If there is ever a need to alter a currently enabled profile. netctl reenable <profile> will have to executed in order to apply the changes.

Migrating from netcfg

netctl uses /etc/netctl to store its profiles whereas netcfg used /etc/network.d for the same purpose.

In order to migrate from netcfg, at least the following is needed:

  • Move network profile files to the new directory.
  • Rename variables therein according to netctl.profile(5) (most have only become CamelCase i.e CONNECTION= becomes Connection=).
  • Unquote interface variables and other variables that don't strictly need quoting (this is mainly a style thing).
  • Run netctl enable <profile> for every profile in the old NETWORKS array. 'last' doesn't work this way, see netcfg.special(7).
  • Use netctl list / netctl start <profile> instead of netcfg-menu. wifi-menu remains available.

Password Encryption (256-bit PSK)

Users not wishing to have their passwords stored in plain text have the option of generating a 256-bit Encrypted PSK.

If you have not done so already, install wpa_actiond from the core repository using pacman

 # pacman -Syu wpa_actiond

Next, generate your 256-bit Encrypted PSK using wpa_passphrase:

Usage: wpa_passphrase [ssid] [passphrase]
$ wpa_passphrase archlinux freenode

In a second terminal window copy the example file wireless-wpa from /etc/netctl/examples to /etc/netctl.

# cp /etc/netctl/examples/wireless-wpa /etc/netctl/wireless-wpa

You will then need to edit /etc/netctl/wireless-wpa using your favorite text editor and add the Encrypted Pre-shared Key that was generated early using wpa_passphrase to the Key variable of this profile.

Once completed your network profile wireless-wpa containing a 256-bit Encrypted PSK should resemble:

Note: Make sure to use the special non-quoted rules for Key= that are explained at the end of netctl.profile(5)
Description='A simple WPA encrypted wireless connection using 256-bit Encrypted PSK' Interface=wlp2s2 Connection=wireless Security=wpa IP=dhcp ESSID=archlinux Key=\"64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a


Official announcement thread: https://bbs.archlinux.org/viewtopic.php?id=157670