Disable second SSID



  • I'd like to see a tutorial about disabling the secondary SSID. I.e. the one that you can use to log in initially. This would be nice, because it is still on, after connecting my home network, and this could be a way to hijack an omega for a tech-savy attacker.

    I know that it is probably enough for now to simply disable the Wireless interface in /etc/config/wireless but I'd like to also remove the corresponding sections in /etc/config/network /etc/config/dhcp and /etc/config/firewall. However I don't really know enough about OpenWRT yet to confidently modify those files. Would anyone like to collaborate with me on a tutorial about this? Or perhaps someone has already solved this and there is a solution, maybe even a script one could run?



  • I can confirm that commenting out the section in /etc/config/wireless like so:

    #config wifi-iface
    #       option device 'radio0'
    #       option network 'wlan'
    #       option mode 'ap'
    #       option encryption 'none'
    #       option ssid 'Omega-XXXX'
    

    Where XXXX is your name of the SSID.

    If I am not mistaken you then need to restart the wirless by using the wifi command like so:

    root@onion:~# wifi
    


  • There is also an option for the wifisetup script to disable (kill) the Access Point (AP):

    $ wifisetup -killap
    

    Though I am not yet sure what exactly this does but it might do the trick.



  • After putting all the config under version control, I can confirm, that wifisetup -killap will simply remove the wifi-iface as shown by the following difff:

    diff --git a/wireless b/wireless
    index f5bfbb3..b24bc29 100644
    --- a/wireless
    +++ b/wireless
    @@ -9,13 +9,6 @@ config wifi-device 'radio0'
     	option txpower '30'
     	option country 'US'
     
    -config wifi-iface
    -	option device 'radio0'
    -	option network 'wlan'
    -	option mode 'ap'
    -	option encryption 'none'
    -	option ssid 'Omega-XXXX'
    -
     config wifi-iface
     	option device 'radio0'
     	option mode 'sta'
    


  • Maybe that should be made part of the setup instructions, at least that it is optional? Almost all the unboxing videos have stated that this is an issue. cc @Lazar-Demin



  • I have been thinking some more about this and maybe we should attempt to disable the DHCP-Server dnsmasq and maybe remove the firewall zones?


  • administrators

    @Valentin-Haenel
    Thanks for putting up your findings!

    We're working on tutorials regarding the wireless configuration. And we're also doing some work in terms of connecting to wifi networks. Stay tuned!



Looks like your connection to Onion Community was lost, please wait while we try to reconnect.