ctrl_interface=/run/wpa_supplicant
update_config=1
network={
ssid="WPA3"
psk="PASSWORD"
key_mgmt=SAE
}
Doing a "wpa_cli scan" shows that it gets recognized as SAE at least:
$ sudo wpa_cli scan_results
... / flags / ssid
... [WPA2-SAE-CCMP][ESS][UTF-8] WPA3
But it still does not connect if i run it:
$ sudo wpa_supplicant -i wlp3s0 -c /etc/wpa_supplicant/wpa_supplicant.conf
Successfully initialized wpa_supplicant
wlp3s0: SME: Trying to authenticate with xx:xx:xx:xx:xx:xx (SSID='WPA3' freq=2462 MHz)
wlp3s0: SME: Trying to authenticate with xx:xx:xx:xx:xx:xx (SSID='WPA3' freq=2462 MHz)
wlp3s0: PMKSA-CACHE-ADDED xx:xx:xx:xx:xx:xx 0
wlp3s0: Trying to associate with xx:xx:xx:xx:xx:xx (SSID='WPA3' freq=2462 MHz)
wlp3s0: CTRL-EVENT-ASSOC-REJECT bssid=xx:xx:xx:xx:xx:xx status_code=31
wlp3s0: SME: Deauth request to the driver failed
... repeats a few times ...
wlp3s0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="WPA3" auth_failures=2 duration=20 reason=CONN_FAILED
In the router system log the tries are visible without any errors:
daemon.info hostapd: wlan1-2: STA xx:xx:xx:xx:xx:xx IEEE 802.11: authenticated
Same if i switch the AP to WPA2/WPA3 mixed mode... and then if i don't specify key_mgmt=SAE it does work but uses only key_mgmt=WPA2-PSK.
Edit: Seems like the auth works, but the association fails. I have also run wpa_supplicant with -d which reveals the section:
nl80211: Association request send successfully
nl80211: Ignored event 20 (NL80211_CMD_DEL_STATION) for foreign interface (ifindex 3 wdev 0x0)
nl80211: Drv Event 20 (NL80211_CMD_DEL_STATION) received for wlp3s0
nl80211: Delete station xx:xx:xx:xx:xx:xx
nl80211: Ignored event 38 (NL80211_CMD_ASSOCIATE) for foreign interface (ifindex 3 wdev 0x0)
nl80211: Drv Event 38 (NL80211_CMD_ASSOCIATE) received for wlp3s0
nl80211: Associate event
wlp3s0: Event ASSOC_REJECT (12) received
wlp3s0: CTRL-EVENT-ASSOC-REJECT bssid=xx:xx:xx:xx:xx:xx status_code=31
wlp3s0: SME: Association with xx:xx:xx:xx:xx:xx failed: status code 31
wpa_driver_nl80211_deauthenticate(addr=xx:xx:xx:xx:xx:xx reason_code=3)
wlp3s0: nl80211: MLME command failed: reason=3 ret=-107 (Transport endpoint is not connected)
So i looked up what the status codes mean and found this table: https://support.google.com/chrome/a/ans … 2038?hl=en -> 31 Robust management frame policy violation
Has it something to do with 802.11w (PMF)?
I have set it to "Optional" in OpenWRT. Now i tried also "Disabled" and "Required" and with this i don't even get a log output and again no connection...
he used the wpa_supplicant directly, but i can't even get wpa_cli working:
$ sudo wpa_cli status Failed to connect to non-global ctrl_ifname: (nil) error: No such file or directory
The wpa_supplicant configuration file needs to explicitly set permission for wpa_cli so just use the command directly: https://wiki.archlinux.org/index.php/WP … ant#Manual
Kill any running instances of wpa_supplicant before trying that though.
]]>Compiled also wpa_supplicant-git with the SAE config option. But if i look at the wifi list with NetworkManager it does not recognize it:
$ nmcli dev wifi list
... MODE CHAN RATE SIGNAL BARS SECURITY
... Infra 40 405 Mbit/s 87 ▂▄▆█ --
Then if it try to connect with "nmcli dev wifi con SSID PASSWORD" it says "Error: invalid extra argument 'mypassword'." as if the network is not encrypted. Without password it also fails, because it could not determine the AP Security Information.
I am using the current version 1.22.4, in theory it should be supported since 1.16...
In this (https://gist.github.com/est31/d92d17acb … 38764cd791) over a year old gist was written that networkmanager does not support WPA3 so far, so he used the wpa_supplicant directly, but i can't even get wpa_cli working:
$ sudo wpa_cli status
Failed to connect to non-global ctrl_ifname: (nil) error: No such file or directory
wpa_supplicant is of course running in the background. Stopping NetworkManger.service does not make a difference. Don't know how to proceed now.
Anyone got this working on Arch?
]]>As mentioned, did you try with nmcli/wpa_supplicant directly? Plasma shouldn't inherently prevent you from doing that.
No how to do this?
]]>On top of the old plasma? Don't know, if no API/ABI breaks happened you could try, however at least as far as AUR packages go https://aur.archlinux.org/packages/plasma-nm-git would pull in the whole suite as git which is probably not the best bet just to fix a minor visual issue.
that's not only a visual problem it doesn't let me connect to my wlan, i get the message from kde connection can't be added 802-11-wireless-security: WPA isn't compatible with static WEP
]]>plasma-nm will only have UI support in the next 5.18 release: https://cgit.kde.org/plasma-nm.git/comm … 2709ea6194 This commit was made last november and isn't yet part of a 5.17 branch.
Connecting/listing with nmcli/nmtui should work.
Can i only use plasma-nm from this branch?
]]>Connecting/listing with nmcli/nmtui should work.
]]>and also tested with the
https://git.archlinux.org/svntogit/pack … supplicant
and edited the config and added CONFIG_SAE=y
still the same.
i've download this tree and made makepkg -Si after i added CONFIG_SAE=y in config, then i installed it with pacman -U, but nothing changed after that, can you help me too?
]]>"prepare() {
cd "$srcdir"
echo "CONFIG_OWE=y" >> "$srcdir/config"
echo "CONFIG_SAE=y" >> "$srcdir/config"
}
"
but now the type of wpa3 configured one is shown as unknown and the security dropdown still doesnt have wpa3.
]]>