Or you could set up WPA-RADIUS and 802.1x for dynamic per-port keying, which fixes a lot of the issues. Some instances of WPA will use AES, although this isn't part of the original WPA specification. WPA2 "fixes" these problems as it uses AES.
Is there a WPA2-PSK?
Yes. Both WPA and WPA2 support "home" and "enterprise" profiles - home being PSK and enterprise being radius-based authentication The latest (September 05) LJ has a couple of articles on WPA - "Securing Wi-Fi networks with WPA" and "Cracking WPA-protected Wi-Fi Networks". The former covers setting up xsupplicant (and assumes you already have a radius server set up), the latter talks about cracking poorly configured WPA-PSK networks.
WPA-Radius is much better but you have to set up a Radius server as well which makes it more work but is definitely needed if you have more than a handful of machines.
It is a bit more work, but doesn't seem like it should be too bad. Debian Sarge has a package for the excellent freeradius server, although it is compiled without real SSL support (licensing issues), so if you want to set up freeradius and do things properly, I'd suggest getting the source from the freeradius website and building a .deb from that (it has the proper structure set up already).