HOWTO: Configure Ubuntu to work with WEP preshared-key

I've been having a hell of a time getting Ubuntu to connect to my wireless network at home. I have 128bit WEP setup with a preshared key.

I finally got it to work today. It turns out there's a sort of hack you have to do to get it to work with certain wireless routers.

These directions work with "Edgy Eft":

1. Run System -> Administration -> Networking

2. The Networking Settings panel pops up.

3. Highlight your Wireless Connection and choose "Properties."

4. Make sure your network name matches your access point's SSID.

5. Choose password type: "Hexadecimal"

6. HERE'S THE WEIRD PART: In the Password box, instead of just the password, you need to prefix it with the word 'restricted' and a space - man iwconfig to see why this works. However, the password box is NOT the correct place for this keyword.


IN the Password Box type:

restricted xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xx

where xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xx is the hex representation of the wep key you choose.

What a PITA! Guys, let's add a check box or something!


  1. Thanks,

    Tried for hours to access by WEP and the various network passwords I used just did not work. The network password box is a misnonomer! The hexdecimal key selected in the router is what is required prefixed by 'register followed by a space. How you ever found this out I d'ont know. It has been a great help to get my Ubuntu wireless networking running (using D-Link DI-624+ wireless router and D-Link DWL-G630 Air Extreme notebook adaptor card. It is a pity that Ubuntu does not accept WPA -PSK encryption using a passphrase (much easier to setup).

    John, South Australia.

  2. Yea, after wasting *HOURS* trying to get my wireless card working, I stumbled upon a forum post that explained adding the 'restricted' keyword.

    Aparently the GUI is just a facade over iwconfig - it just generates a iwconfig command with appropriate arguments. But they really didn't test different scenarios because they miss the restricted keyword. Basically this little trick has us injecting extra arguments in front of the WEP key that gets passed along to the iwconfig command that allow it work in this scenario. This almost is a security injection vulnerability (except with sudo you have to type in the root password to run this to begin with).

  3. Many thanks for this. Just tried this on Hardy and took care of my problem

  4. Will it work with a text password (NOT in HEX)?

  5. Not completely sure...

    Since the Network Settings panel just interfaces with the iwconfig command in the backend you might be able to just type in the password. You'd obviously want to leave the "Hexadecimal" part may also need to put in some additional command line options into the password box - perhaps try 'restricted s:mypassword' - however, if the Network Configuration GUI already passes the 's:' to the iwcommand, you may have to pass restricted keyword AFTER your password like 'mypassword restricted' or something like that.
    but that's just a guess...
    'man iwconfig' and see what options there are.

  6. con el mismo problema de no poder conectar mi wifi al access point con seguridad WEP de 128 bits.

    Cabe mensionar que el sistema que tengo es un: linux con el kernel 2.6.32-21-generic en la distribución ubuntu version 10.04. la wifi es una Broadcom Corporation BCM4312 802.11b/g (rev 01) con el controlador inalambrico broadcom sta activado.

    El problema quedó solucionado con el siguiente comando: sudo iwconfig INTERFAZ essid "ID_DEL_AP" key restringido CLAVE_DE_26_DIGITOS_HEX
    INTERFAZ es la interfaz a la que está asociada la wifi. en mi caso es eth1.
    ID_DEL_AP es el identificador del acces point, que se obtiene al dar la orden iwlist, en el campo essid.
    CLAVE_DE_26_DIGITOS_HEX: la clave de 128 bits (26 digitos hex) asignada al access point.