Difference between revisions of "Netctl (简体中文)"

From ArchWiki
Jump to navigation Jump to search
(密码加密(256-bit PSK))
m (密码加密(256-bit PSK))
Line 139: Line 139:
* 1=请使用'''special non-quoted rules''' 设置 Key=,参阅 [https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile(5)]
* 请使用'''special non-quoted rules''' 设置 Key=,参阅 [https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile(5)]
* 配置文件中的 Key 足够连接到 WPA-PSK 网络。也就是说,此方法仅仅将密码变得不可读,但是只要用户能够读取配置文件,就能连接到网络。请不要使用相同的密码作为网络密码。
* 配置文件中的 Key 足够连接到 WPA-PSK 网络。也就是说,此方法仅仅将密码变得不可读,但是只要用户能够读取配置文件,就能连接到网络。请不要使用相同的密码作为网络密码。

Revision as of 14:18, 27 July 2013

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary end

翻译状态: 本文是英文页面 Netctl翻译,最后翻译时间:2013-04-11,点击这里可以查看翻译后英文页面的改动。

Netctl 是基于命令行的网络管理器,支持场景配置。它是 Arch 的项目,取代了原来的 netcfg


netctl 软件包已经进入官方软件仓库.

netctlnetcfgAUR相互冲突,安装 netctl 会替换掉netcfgAUR。如果配置不正确,可能导致连接中断。

Note: 请使用systemctl --type=service确保其它可以配置网络的服务都没有运行,同时使用多个网络配置工具会导致冲突。




netctl 可以用来检查和控制 systemd 网络配置管理服务的状态。软件提供了一些配置文件的示例以供参考。这些示例位于/etc/netctl/examples/,包括:

  • ethernet-dhcp
  • ethernet-static
  • wireless-wpa
  • wireless-wpa-static

如果使用无线网络,命令wifi-menu -o可以在/etc/netctl自动生成配置文件。


# cp /etc/netctl/examples/wireless-wpa /etc/netctl/profile


# netctl start profile

如果命令出错,可以使用 journalctl -xnnetctl status <profile> 检查出错原因。修正重新设置。

Automatic operation

If you use only one profile (per interface) or want to switch profiles manually, the basic method will do. Most common examples are servers, workstations, routers etc.

If you need to switch multiple profiles frequently, use Automatic switching of profiles. Most common examples are laptops.

Basic method

With this method, you can statically start only one profile per interface. First manually check that the profile can be started successfully, then it can be enabled using

# netctl enable profile

This will create and enable a systemd service that will start when the computer boots.

Note: The connection is only established if the profile can be started succesfully at boot time (or when the service starts). That specifically means, in case of wired connection the cable must be plugged-in, in case of wireless connection the network must be in range.
Tip: To enable static IP profile on wired interface no matter if the cable is connected or not, use SkipNoCarrier=yes in your profile.

Automatic switching of profiles

netctl provides two special services for automatic switching of profiles: netctl-auto@interface.service for wireless interfaces, and netctl-ifplugd@interface.service for wired interfaces. Using netctl-auto@interface.service, netctl profiles change as you move from range of one network into range of other network. Using netctl-ifplugd@interface.service, netctl profiles change as you plug the cable in and out.

Note: netcfg used net-auto-wireless.service and net-auto-wired.service for this purpose.

First install required packages:

  • Package wpa_actiond is required to use netctl-auto@interface.service.
  • Package ifplugd is required to use netctl-ifplugd@interface.service.

Now configure all profiles that netctl-auto@interface.service or netctl-ifplugd@interface.service can start. If you want some profile not to be started automatically by these services, you have to explicitly add ExcludeAuto=yes to that profile. You can use Priority= to set priority of some profile when multiple profiles are available. See netctl.profile(5) for details.

Warning: Automatic selection of a WPA-enabled profile by netctl-auto is not possible with option Security=wpa-config, please use Security=wpa-configsection instead.

Once your profiles are set and verified to be working, simply enable these services with

# systemctl enable netctl-auto@interface.service 
# systemctl enable netctl-ifplugd@interface.service  
Warning: If any of the profiles contain errors, such as an empty Key= variable, the unit will fail to load at boot.
Warning: This method conflicts with the basic method. If you have previously enabled a profile through netctl, run
# netctl disable profile
to prevent the profile from starting twice at boot.

从 netcfg 迁移的方法

netctl 使用 /etc/netctl 保存配置,而不是 /etc/network.d (netcfg保存配置的位置).

从 netcfg 迁移,请执行:

  • 禁用 netcfg 服务: # systemctl disable netcfg.service.
  • 删除 netcfg,然后安装 netctl
  • 将老的网络配置移动到新目录
  • 根据 netctl.profile(5) 修改变量名称(主要是大小写变化,例如 CONNECTION 变成 Connection).
  • For static IP configuration make sure the Address variables have a netmask after the IP (e.g. Address=('' '') in the example profile).
  • If you setup a wireless profile according in the wireless-wpa-configsection example, note that this overrides wpa_supplicant options defined above the brackets. For a connection to a hidden wireless network, add scan_ssid=1 to the options in the wireless-wpa-configsection; Hidden=yes does not work there.
  • 接口变量和其他变量不再需要引号(这仅仅是风格变化).
  • 为每一个配置执行netctl enable profile, last工作方式有变化,参阅 netctl.special(7).
  • 使用 netctl list / netctl start <profile> 替换 netcfg-menu. wifi-menu 依然保留。
  • Unlike netcfg, by default netctl fails to bring up a NIC when it is not connected to another powered up NIC. To solve this problem, add SkipNoCarrier=yes at the end of your /etc/netctl/profile.

密码加密(256-bit PSK)

不想用明文保存密码的用户可以使用 256 位加密 PSK,数据是通过密码和 SSID 通过标准算法生成。

  • 方法1: 使用 wifi-menu -o/etc/netctl 中生成配置文件。
  • 方法2: 下面有手动配置方法,如果密码失败,可以试试删除 Key= 中的 \"

不管使用哪种方法,都建议用 chmod 600 /etc/netctl/<config_file> 限制一般用户的访问权限。

然后用wpa_passphrase生成256位加密 PSK:

Usage: wpa_passphrase [ssid] [passphrase]
$ wpa_passphrase archlinux freenode

在第二个终端将/etc/netctl/examples/wireless-wpa 复制到 /etc/netctl

# cp /etc/netctl/examples/wireless-wpa /etc/netctl/wireless-wpa

编辑/etc/netctl/wireless-wpa,将之前生成的Encrypted Pre-shared Key设置到Key


Description='A simple WPA encrypted wireless connection using 256-bit PSK'
注意: * 请使用'''special non-quoted rules''' 设置 Key=,参阅 [https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile(5)] * 配置文件中的 Key 足够连接到 WPA-PSK 网络。也就是说,此方法仅仅将密码变得不可读,但是只要用户能够读取配置文件,就能连接到网络。请不要使用相同的密码作为网络密码。


官方通知帖: https://bbs.archlinux.org/viewtopic.php?id=157670


目前还没有功能能够替换 'netcfg current'. 如果需要,请使用:

netctl list|grep \*|sed 's/\*//'|sed 's/\ //'