Linux USES NetworkManager to randomly generate your MAC address

These days, you can connect to Wi-ES2en on your laptop and stay connected to the outside world, whether you're at home on your couch or in a coffee shop. But today's ES3en-ES4en hotspots mostly track your device using the only MAC address for each network card. Here's how to avoid being tracked.
Nowadays many people have begun to pay attention to the issue of personal privacy. Personal privacy is not just about preventing other people from accessing private content on your computer (another issue). It's more about traceability (legibility), which means that it can be easily counted and tracked. Everyone should pay more attention to it. At the same time, the bottom line here is that the service provider can only track the user after the user has authorized it, such as the airport timing ES8en-ES9en, which can only be used after the user has authorized it.
Since fixed MAC addresses can be easily traced, they should be replaced regularly, and random MAC addresses are a good choice. Since MAC address 1 is generally only used within the LAN, random MAC addresses are less likely to conflict.

NetworkManager profile

NetworkManager was developed as part of the freedesktoporg project, a free software project that provides a simple way for applications to communicate with each other. Background service for reporting, and a client program that allows users to manage network connections.
NetworkManager services: ES26en-ES27en Networking made Easy
Advantages of the NetworkManager: It simplifies the job of networking, making the desktop itself and other applications network-aware.
NetworkManager backend services: For GNOME and Xfce that is the ES37en-ES38en tool, and for KDE users it is KNetworkManager.
Earlier versions of NetworkManager (earlier known as NetworkMangler, or network meat grinder) were awkward to use, but now it's a powerful tool that makes managing the web a lot less painful.

Improvements and new features for the new version of NetworkManager

The new version of NetworkManager supports more network devices. Starting from 0.8.1, support for ModemManager for mobile broadband devices such as GSM, UMTS and CDMA CARDS has been added. There are also new features using ModemManager, such as the ability to display signal strength and select 2G/3G mode. You can also turn off roaming to avoid extra connection charges;
NetworkManager 0.8.1 also supports The use of Bluetooth, not only for personal Area Network (PAN) Internet access, but also for the old Bluetooth dial-up network (DUN) protocol. All (or most) supported devices can be found on wiki;
NetworkManager supports automatic configuration of IPv6 and static IP; The new version of NetworkManager will also bring DHCP support for IPv6
The new version of NetworkManager enhances device and protocol support, and the latest version of NetworkManager has a nice new client interface.
Command line interface: the most important feature of the latest version of NetworkManager: command line tool command, 1 NetworkManager command line interface.
NetworkManager has its own CLI tool: nmcli. Using nmcli, users can query the status of network connections as well as manage them. Advantages: primitive; The syntax is relatively simple; Using NetworkManager in CLI is easy to master.

Configuration NetworkManager

To random MAC address by default for all Wi - Fi connection, you need to create/etc NetworkManager/conf d / 00 - macrandomize conf this file:

[device]
wifi.scan-rand-mac-address=yes
[connection]
wifi.cloned-mac-address=stable
ethernet.cloned-mac-address=stable
connection.stable-id=${CONNECTION}/${BOOT}

Then restart NetworkManager:

systemctl restart NetworkManager

In the above configuration file, setting the value of ES105en-ES106en-ES107en to stable generates the same MAC address each time NetworkManager activates the connection, but USES a different MAC address when connecting. If you want to get the random MAC address each time you activate the connection, you need to set the value of ES113en-ES114en-ES115en to random.

Set to stable to get the same IP address from DHCP, or have the mandatory es122EN-ES123en home page (captive portal) remember your login status based on the MAC address. If set to random, you will need to recertify each time you connect (or click "I agree"), which is what you need to do with airport Wi-ES129en. See this NetworkManager blog post for detailed instructions on configuring specific connections from the terminal using nmcli.

Use the ip link command to see the current MAC address, which will appear after the word ether 1

$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp2s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 52:54:00:5f:d5:4e brd ff:ff:ff:ff:ff:ff
3: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether 52:54:00:03:23:59 brd ff:ff:ff:ff:ff:ff

When can't you randomize the MAC address

In some cases it does need to be traceable. For example, in a home network, a router may need to be configured to assign a 1-send IP address to the computer for port forwarding; For example, the employer of a company may need to provide Wi-ES149en services based on the MAC address, which may require tracking. To change the specific Wi-ES151en connection, use nmcli to view the NetworkManager connection and display the current Settings:

$ nmcli c | grep wifi
Amtrak_WiFi 5f4b9f75-9e41-47f8-8bac-25dae779cd87 wifi --
StaplesHotspot de57940c-32c2-468b-8f96-0a3b9a9b0a5e wifi --
MyHome e8c79829-1848-4563-8e44-466e14a3223d wifi wlp1s0
...
$ nmcli c show 5f4b9f75-9e41-47f8-8bac-25dae779cd87 | grep cloned
802-11-wireless.cloned-mac-address: --
$ nmcli c show e8c79829-1848-4563-8e44-466e14a3223d | grep cloned
802-11-wireless.cloned-mac-address: stable

This example USES a completely random MAC address on Amtrak (using the default configuration) and a permanent MAC address on MyHome (using the stable configuration). The permanent MAC address is assigned to the network interface during hardware production, and the network administrator can view the device manufacturer ID based on the permanent MAC address.

Change the configuration and reconnect to the active interface:

$ nmcli c modify 5f4b9f75-9e41-47f8-8bac-25dae779cd87 802-11-wireless.cloned-mac-address random
$ nmcli c modify e8c79829-1848-4563-8e44-466e14a3223d 802-11-wireless.cloned-mac-address permanent
$ nmcli c down e8c79829-1848-4563-8e44-466e14a3223d
$ nmcli c up e8c79829-1848-4563-8e44-466e14a3223d
$ ip link
...

You can also install it NetworkManager-tui , you can edit the connection through the visual interface menu.

When you walk on the road, you should pay attention to your surroundings and be alert to possible dangers. Also, be careful about your own traceability when using public Internet resources.

conclusion