I have the following configuration in the dietpi.txt file:
# If both Ethernet and Wifi are enabled, Wifi will take priority and Ethernet will be disabled.
# 1=enabled
AUTO_SETUP_NET_ETHERNET_ENABLED=1
AUTO_SETUP_NET_WIFI_ENABLED=1
And the following in my dietpi-wifi.txt file:
#---------------------------------------------------------------
# - Entry 0
# WiFi SSID (Case Sensitive)
aWIFI_SSID[0]='looney'
# Key options: If no key (open), leave this blank
aWIFI_KEY[0]='qwertyuiop[]\'
# Available options: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below)
aWIFI_KEYMGR[0]='WPA-PSK'
# - WPA-EAP Options
It seems to only work when the SSID is being broadcast, what do I need to do for it to work with a hidded SSID?
First, if you use WiFi, could you disable Ethernet? There is a known issue when having both enabled but connected to different subnets: https://github.com/MichaIng/DietPi/issues/2103
In such cases a route table is required so the systemd knows which request to send to which network interface.
Aside from that, I personally never tried to connect to hidden SSIDs with DietPi, but AFAIK if the dietpi-wifi.txt entries match, it should not play a role. Only SSID scanning via dietpi-config of course will not lead to a result. However I will try to replicate it here if I find time tomorrow to see if there is really something special needed for hidden SSIDs.
EDIT
Could you try to add ap_scan=2 or ap_scan=1 to the top of /etc/wpa_supplicant/wpa_suplicant.conf? I read in some search results that this can be required to catch hidden SSIDs.
About this setting from an example config file:
AP scanning/selection
By default, wpa_supplicant requests driver to perform AP scanning and then
uses the scan results to select a suitable AP. Another alternative is to
allow the driver to take care of AP scanning and selection and use
wpa_supplicant just to process EAPOL frames based on IEEE 802.11 association
information from the driver.
1: wpa_supplicant initiates scanning and AP selection; if no APs matching to
the currently enabled networks are found, a new network (IBSS or AP mode
operation) may be initialized (if configured) (default)
0: driver takes care of scanning, AP selection, and IEEE 802.11 association
parameters (e.g., WPA IE generation); this mode can also be used with
non-WPA drivers when using IEEE 802.1X mode; do not try to associate with
APs (i.e., external program needs to control association). This mode must
also be used when using wired Ethernet drivers (including MACsec).
2: like 0, but associate with APs using security policy and SSID (but not
BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to
enable operation with hidden SSIDs and optimized roaming; in this mode,
the network blocks in the configuration file are tried one by one until
the driver reports successful association; each network block should have
explicit security policy (i.e., only one option in the lists) for
key_mgmt, pairwise, group, proto variables
Note: ap_scan=2 should not be used with the nl80211 driver interface (the
current Linux interface). ap_scan=1 is optimized work working with nl80211.
For finding networks using hidden SSID, scan_ssid=1 in the network block can
be used with nl80211.
When using IBSS or AP mode, ap_scan=2 mode can force the new network to be
created immediately regardless of scan results. ap_scan=1 mode will first try
to scan for existing networks and only if no matches with the enabled
networks are found, a new IBSS or AP mode network is created.
The thing is I need it to work on first boot without modifying anything other than the two config files or some other file in the fat 32 partition that is accessible to windows.
I have tested multiple times and it only works when SSID is broadcasting.
Is there something else that I need to change in the config files?
AFAIK scan_ssid=1 (which is in our wpa_supplicant.conf by default) should already allow connecting to hidden SSIDs, however the other option at least it work to try in your case.
If you have no change to connect the device via Ethernet first or access to local terminal via monitor + keyboard, then there is one thing you could do, using our custom pre-setup script feature.
For this create the file Automation_Custom_PreScript.sh directly besides dietpi.txt which should change the WiFi script to add ap_scan=2 to the wpa_supplicant.conf:
#!/bin/bash
sed -i '/update_config=1/a\ap_scan=2' /DietPi/dietpi/func/dietpi-wifidb
Please assure that this file is created with UFT-8 and Unix line endings, to prevent possible issues. E.g. on Windows Notepad++ allows this. Not sure if it’s really required for bash but just as a failsafe.
Great, thanks for feedback. Okay, I am not 100% sure if this might include issues for other network device + AP setups. I think since v6.22 is about to be released this weekend, we will leave it for now, but I will add this as issue to GitHub to test thoroughly and in case implement into v6.23.