HOWTO Change Your Network Cards MAC Address
Every network card, wired or wireless, has a unique MAC address set in store in the firmware. There may be many good reasons why you would want to hide the unique hardware-hardwired MAC address that identifies your network card. This is specially true if you use a laptop to connect to wireless access points at potentially hostile locations on a regular basis. Here's how you can make your network card identify using a new random MAC address every time you boot a GNU/Linux desktop or laptop computer.
Why A Fixed MAC Address Can Be A Problem
An increasing number of public wireless access points track who connect to them and when. Some secretly log additional information such as DNS queries. The amount of useful data that can be gathered and tied to you will be limited if your laptop is seen as an entirely new device each and every time it shows up. A cafe or university or library can collect and gather and correlate a whole lot more data if what they see as the same device shows up 10 or 50 times.
HOWTO generate a random MAC address
You are supposed to set the top byte of a locally generated MAC address to 0x02 to signal that it is locally administered. Other MAC addresses are supposed to be centrally registered with and managed by the IEEE. You may or may not want to care about that: On one hand, it is always polite to respect standards. On the other hand, it's a consistent piece of information. "It's him, officer, that's the guy who always connects using a random MAC address starting with 02".
A random MAC address starting with
02 can be generated with:
printf '02:%02X:%02X:%02X:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256))
This oneliner can be used in a simple script. Make sure you change the interface (
enp2s0 in this example to a correct one:
Make the file executable with
chmod a+x /usr/local/bin/fakenetworkmac.sh
You can use a simple
for loop if you have multiple interfaces.
|Note: You can not change a network interfaces MAC address when the interface is up. Add |
HOWTO Change The Mac Address Before Your Network Interfaces Are Activated
GNU/Linux distributions running systemd, and that's most of them, can be made to change the MAC address before network interfaces go up using a systemd service file. Note that you will not be able to change the MAC address once a network interface is up.
Before=network.target line. It is important, that line is what ensures that this service is started before the network interfaces go live.
Now reload the systemd daemons:
And enable your new service:
systemctl enable fakenetworkmac.service
That's it. You should now get a fresh new random MAC address on each and every reboot.
Disadvantages To Be Aware Of
A fresh new MAC address will result in a new IP every boot since
DHCP servers see it as a new device. That makes it impossible to
ssh to the machine by remembering its LAN ip. That can be solved by using something like
avahi-dameon in order to get a
.local domain you can consistently use to access the machine from your local network.
If you have setup your LAN to only allow services by IP then you've shot yourself in the foot in so many ways. Such services would have to be reconfigured to allow the whole
/24 IPv4 network or use some form of actual authentication.
Generating A Random Mac Address Using Python
Distribution-Specific Methods Of Setting A Custom MAC Address
The above method using a systemd service will work on any distribution. There are, alternatively, distribution specific methods. One major problem with those is that they will let you set a MAC address but they will not let you use a fresh new random one each and every reboot.
openSUSE and other SUSE-based systems allow you to set a MAC address using
Red Hat Enterprise Linux (RHEL) family distributions allow you to set a MAC address in the same way as openSUSE except that the MAC has to be specified with
Do note that
HWADDR, if present, is used by these scripts to identify network interfaces using the initial MAC. This is not the value you want to change.
Debian, Ubuntu and others in that family let you set
hwaddress ether xx:xx:xx:xx:xx:xx in a section in
Gentoo Linux allows you to change MAC addresses using mac_eth0="xx:xx:xx:xx:xx:xx" style variables in
Do note that none of these distribution-specific methods let you use a random MAC address each and every boot. Using the above described systemd service may therefore better suit your needs.