lnorg/documentation
1
2
Fork 0
Code Issues 30 Pull requests Projects 6 Activity
documentation/docs/alpine-desktop-setup/post-install/network.md

77 lines
No EOL
1.8 KiB
Markdown
Raw Blame History

# Network
## Using wifi
Although `dhcp` will already work out of the box, wifi will not. Luckily there exists `wpa_supplicant`. First install the necessary packages:
```
# apk add networkmanager-wifi wpa_supplicant
```
Then configure `/etc/NetworkManager/NetworkManager.conf` to use `wpa_supplicant`:
```
[main]
dhcp=internal
plugins=ifupdown,keyfile
[ifupdown]
managed=true
[device]
wifi.scan-rand-mac-address=yes
wifi.backend=wpa_supplicant
```
Now restart the service and you should be able to connect with wifi.
```
# rc-service networkmanager restart
```
There are different frontends to configure connections but for now install `networkmanager-tui`:
```
# apk add networkmanager-tui
# nmtui
```
It should be self-explanatory how to use it.
To make it possible for users to edit connections create the config file `/etc/NetworkManager/conf.d/no-polkit.conf` with:
```
[main]
auth-polkit=false
```
## Using a VPN
NetworkManager can already use WireGuard but to use other VPN's it might be necessary to install their corresponding plugin. For OpenVPN that would be:
```
# apk add networkmanager-openvpn
```
## Security considerations
NetworkManager defaults are fine for normal usage but in terms of security they are definitely lacking.
### MAC Randomization
Create a config file `/etc/NetworkManager/conf.d/mac-rand.conf` to randomize the mac address every time your computer connects:
```
[connection-mac-randomization]
ethernet.cloned-mac-address=random
wifi.cloned-mac-address=random
```
### IPv6 privacy
Although ipv6 will be turned off in the [security section](https://docs.bijl.us/alpine-desktop-setup/post-install/security/#cmdline) you can still turn it on by editing `/etc/NetworkManager/conf.d/ipv6-privacy.conf`:
```
[connection]
ipv6.ip6-privacy=2
```
Reference in a new issue View git blame Copy permalink