A collection of scripts to easily set up, manage, and reset WiFi access points on Linux devices. Only tested on Jetson Orin Nano but should work on any machine running Network Manager.
These scripts provide a simple command-line interface for creating and managing WiFi access points using NetworkManager. The scripts handle interface detection, configuration validation, and provide safety features like confirmation prompts and clean reset functionality.
| Script | Purpose |
|---|---|
wifi-ap.sh |
Main script for creating access points and resetting configurations |
wifi-ap-sudo.sh |
Sudo wrapper for automatic privilege escalation |
wifi-ap-reset.sh |
Dedicated reset script for cleaning up AP configurations |
wifi-ap-control.sh |
Management script for start/stop/status operations |
wifi-ap-control-sudo.sh |
Sudo wrapper for the control script |
# Basic usage (will prompt to choose interface if multiple available)
sudo ./wifi-ap.sh "MyAP" "mypassword123"
# Specify interface explicitly
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0
# Use 5GHz band (if hardware supports it)
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 36 5
# Auto-select best channel (scans for least congested)
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 auto
# 5GHz with auto channel selection
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 auto --band=5
# Skip confirmation prompts (for scripting)
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 --force
# Replace existing configuration automatically
sudo ./wifi-ap.sh "MyAP" "mypassword123" --replace# Automatically handles sudo privileges
./wifi-ap-sudo.sh "MyAP" "mypassword123"# Remove all AP configurations and restore client mode
sudo ./wifi-ap.sh --reset
# Silent reset (no confirmation)
sudo ./wifi-ap.sh --reset --force
# Using dedicated reset script
./wifi-ap-reset.sh# Switch band from 2.4GHz to 5GHz
sudo ./wifi-ap.sh --update-band MyAP-AP 5 149
# Switch to 2.4GHz with auto channel selection
sudo ./wifi-ap.sh --update-band MyAP-AP 2.4 auto
# Change band while keeping AP running (preserves SSID, password, etc.)
sudo ./wifi-ap.sh --update-band MyAP-AP 5sudo ./wifi-ap.sh <SSID> <PASSWORD> [INTERFACE] [CHANNEL] [IP_ADDRESS] [BAND] [OPTIONS]- SSID (required): Name of the WiFi access point
- PASSWORD (required): Password for the access point (minimum 8 characters)
- INTERFACE (optional): WiFi interface to use (wlan0, wlan1, etc.)
- CHANNEL (optional): WiFi channel or 'auto' for automatic selection (default: 7 for 2.4GHz, 36 for 5GHz)
- IP_ADDRESS (optional): IP address for the access point (default: 192.168.4.1/24)
- BAND (optional): WiFi band - 2.4 or 5 (default: 2.4)
--force: Skip confirmation prompts (useful for scripted usage)--replace: Automatically replace existing connections--reset: Remove all AP connections and restore client mode--band=2.4or--band=5: Specify WiFi band--update-band=<CONNECTION_NAME> <BAND> [CHANNEL]: Update band/channel of existing AP
Automatic Channel Selection
- Use
autoas the channel parameter to scan nearby networks - Automatically selects the least congested channel
- For 2.4GHz: Chooses among non-overlapping channels 1, 6, 11
- For 5GHz: Selects from common channels (36, 40, 44, 48, 149, 153, 157, 161, 165)
- Excludes your own AP from interference calculations
Dual-Band Support (2.4GHz / 5GHz)
- Hardware capability checking ensures compatibility
- Automatic validation of channel numbers for selected band
- 2.4GHz channels: 1-14
- 5GHz channels: 36, 40, 44, 48, 52-64, 100-144, 149-165 (varies by region)
Band Switching
- Update existing AP's band without recreating it
- Preserves SSID, password, and other settings
- Automatically restarts AP with new configuration
WPS Disabled
- WPS (PIN authentication) is explicitly disabled
- Uses standard WPA2-PSK with password authentication
- Improved security with WPA2-AES (CCMP) encryption
DHCP Server
- Automatically runs dnsmasq for client IP assignment
- NetworkManager's shared connection mode handles NAT/forwarding
- No manual configuration required
The script uses intelligent interface detection:
- Existing AP: If an interface is already running an AP, defaults to updating that interface
- Multiple Interfaces: Forces user to specify which interface to use
- Single Interface: Automatically selects the only available managed interface
- Filters: Excludes P2P interfaces (
p2p-dev-*) and unmanaged interfaces
sudo ./wifi-ap-control.sh [COMMAND] [CONNECTION_NAME] [INTERFACE]start [name] [interface]: Start access point connectionstop [name]: Stop access point connection (default: all APs)restart [name] [interface]: Restart access point connectionstatus [name]: Show status of access point(s)list: List all WiFi connectionsdelete [name]: Delete access point connectioninterfaces: Show available WiFi interfaces
# Show status of all access points
sudo ./wifi-ap-control.sh status
# Start a specific AP
sudo ./wifi-ap-control.sh start MyAP-AP wlan1
# Stop all access points
sudo ./wifi-ap-control.sh stop
# Delete a specific AP configuration
sudo ./wifi-ap-control.sh delete MyAP-AP- NVIDIA Jetson Orin Nano (or compatible device)
- NetworkManager (
nmclicommand) - Root privileges (sudo)
- At least one WiFi interface
- Access point passwords must be at least 8 characters long
- WPA2-PSK security with AES-CCMP encryption is automatically configured
- WPS (WiFi Protected Setup) is explicitly disabled for better security
- DHCP server automatically assigns IP addresses to clients
- Consider using strong, unique passwords for production use
- Band Support: Script automatically checks if your WiFi adapter supports the requested band
- 2.4GHz Only: Some adapters only support 2.4GHz (channels 1-14)
- Dual-Band: Modern adapters support both 2.4GHz and 5GHz
- The script will display an error if you try to use an unsupported band
- Use
iw phyto check your hardware capabilities
- The scripts work with regular WiFi interfaces (
wlan0,wlan1) - P2P interfaces (
p2p-dev-*) are not suitable for access points - Unmanaged interfaces are ignored during auto-detection
- Creating an AP will disconnect the interface from any existing client connections
- The reset function cleanly removes all AP configurations
- Multiple APs can run simultaneously on different interfaces
Permission Denied
# Solution: Use sudo or the wrapper scripts
sudo ./wifi-ap.sh "MyAP" "mypassword123"
# OR
./wifi-ap-sudo.sh "MyAP" "mypassword123"No WiFi Interfaces Found
# Check available interfaces
nmcli dev status | grep wifi
# Ensure NetworkManager is running
sudo systemctl status NetworkManagerConnection Already Exists
# Use --replace flag to automatically replace
sudo ./wifi-ap.sh "MyAP" "mypassword123" --replace
# Or manually delete existing connection
sudo ./wifi-ap-control.sh delete "MyAP-AP"Unsupported Band
# Error: Interface 'wlan1' does not support 5GHz band
# Solution: Check supported bands
iw phy | grep -A 5 "Band"
# Use a dual-band adapter or switch to 2.4GHz
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 --band=5 # Use wlan0 instead
# OR
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan1 --band=2.4 # Use 2.4GHzClients Can't Connect (PIN Required)
# This has been fixed - WPS is now disabled by default
# If using an older version, update to the latest script
# The script now uses WPA2-PSK with password authenticationInterface Busy
# Reset to clean state
sudo ./wifi-ap.sh --reset
# Then recreate your access point
sudo ./wifi-ap.sh "MyAP" "mypassword123"# Create a simple home access point (2.4GHz)
./wifi-ap-sudo.sh "MyAP" "mypassword123"
# 5GHz for better performance (if supported)
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 --band=5# Let the script find the best 2.4GHz channel
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 auto
# Best 5GHz channel
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 auto --band=5# Create development AP with custom settings
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan1 6 192.168.100.1/24 2.4 --force
# High-speed 5GHz development network
sudo ./wifi-ap.sh "MyAP" "mypassword123" wlan0 149 192.168.100.1/24 5# Switch existing AP from 2.4GHz to 5GHz
sudo ./wifi-ap.sh --update-band MyAP-AP 5 149
# Switch to 2.4GHz with automatic channel selection
sudo ./wifi-ap.sh --update-band MyAP-AP 2.4 auto
# Quick switch to 5GHz with default channel
sudo ./wifi-ap.sh --update-band MyAP-AP 5# Quick test setup
sudo ./wifi-ap.sh "MyAP" "mypassword123" --force
# Clean up when done
sudo ./wifi-ap.sh --reset --force# Scripted deployment with error handling
if sudo ./wifi-ap.sh "MyAP" "$(cat /secure/ap_password)" wlan0 --force; then
echo "Access point deployed successfully"
sudo ./wifi-ap-control.sh status
else
echo "Deployment failed"
exit 1
fi- Privilege Check: Verifies sudo/root access
- Parameter Validation: Checks SSID, password length, and options
- Interface Detection: Smart auto-detection or validation of specified interface
- Conflict Resolution: Handles existing connections with user confirmation
- Configuration: Creates NetworkManager connection with proper settings
- Activation: Starts the access point and reports status
- NetworkManager Documentation
- NVIDIA Jetson Orin Nano Developer Kit User Guide
- WiFi Access Point Configuration Guide
This code was generated by AI (GitHub Copilot/Claude) and should be reviewed and tested thoroughly before use in production environments. While the scripts include safety measures and error handling, users are responsible for:
- Testing in non-production environments first
- Understanding the security implications of running WiFi access points
- Ensuring compliance with local wireless regulations
- Monitoring and maintaining the access point configurations
- Backing up existing network configurations before use
The AI-generated code is provided "as-is" without warranties. Users should validate the functionality and security for their specific use cases.
This project is provided for educational and development purposes. Please ensure compliance with your organization's policies and local regulations regarding WiFi access point deployment.
Generated with AI assistance - Always review and test before production use