[prev in list] [next in list] [prev in thread] [next in thread] List: openbsd-misc Subject: Re: wpa_supplicant error From: "Theo de Raadt" <deraadt () openbsd ! org> Date: 2020-02-02 22:53:29 Message-ID: 16968.1580684009 () cvs ! openbsd ! org [Download RAW message or body] wpa_supplicant is definately a lower-class citizen, sorry. I increasingly wonder why this stuff matters; transit costs are so much lower than the period when eduroam was setup, and their reliance on 802.11x is super wierd in a world where, for the most part - entire cities have open wifi in their downtown core - edu vs edu+transit split horizon problems have to be solved anyways - many universities have parallel open wifi - rate limiting / fare-share approaches for the open-net, on unmetered flat-rate solves the problem - LTE hotspot off a phone isn't a rip off anymore - other open networks exist essentially noone else feels compelled to do use 802.11x for a so called "semi-open access network", so I think they've lost the plot on friction vs benefit. (we've held hackathons at EDU campus that are locked down like that, and in every case we've said no way, gotten a wire with open net, and built our own wifi. we will not subject our developers to that extra complexity). Charlie Burnett <burne251@umn.edu> wrote: > Yep I've been using that for a while, however I don't believe it's possible > to connect to eduroam through hostname.if config files :/ > > On Sun, Feb 2, 2020 at 4:01 PM Edgar Pettijohn <edgar@pettijohn-web.com> > wrote: > > > Try without wpa_supplicant > > > > /etc/hostname.iwm0 > > nwid yournwid wpakey yourwpakey > > dhcp > > > > sh /etc/netstart > > > > On Feb 2, 2020 3:42 PM, Charlie Burnett <burne251@umn.edu> wrote: > > > > > > Hey @misc, > > > I've used OpenBSD on my desktop and server for a while, however they both > > > have an Ethernet connection. I recently got my hands on a thinkpad x1 6th > > > gen in order to ensure compatibility with OpenBSD. I can connect fine via > > > the /etc/hostname.if with /etc/netstart, however I need to be able to > > > connect to eduroam for class. I was using linux on my past laptop, > > however > > > I connected through wpa_supplicant on it. I copied my wpa_supplicant.conf > > > over, however whenever I try to connect to a network I get hung up in the > > > same spot. The conf works fine on linux, so the credentials are correct. > > > I've also ensured the interface was up with "doas ifconfig iwm0 up" > > Here's > > > the output from attempting to connect with "doas wpa_supplicant -i iwm0 > > -c > > > /etc/wpa_supplicant.conf -D openbsd -dd": > > > wpa_supplicant v2.9 > > > Successfully initialized wpa_supplicant > > > Initializing interface 'iwm0' conf '/etc/wpa_supplicant.conf' driver > > > 'openbsd' ctrl_interface 'N/A' bridge 'N/A' > > > Configuration file '/etc/wpa_supplicant.conf' -> > > '/etc/wpa_supplicant.conf' > > > Reading configuration file '/etc/wpa_supplicant.conf' > > > ctrl_interface='/var/run/wpa_supplicant' > > > ctrl_interface_group='wheel' > > > eapol_version=2 > > > ap_scan=1 > > > fast_reauth=1 > > > update_config=1 > > > Line: 11 - start of a new network block > > > ssid - hexdump_ascii(len=): HOME > > > key_mgmt: 0x2 > > > PSK - hexdump(len=): [REMOVED] > > > Line: 19 - start of a new network block > > > ssid - hexdump_ascii(len=7): eduroam > > > scan_ssid=1 (0x1) > > > key_mgmt: 0x1 > > > eap methods - hexdump(len=): 00 00 00 00 19 00 00 00 00 00 00 00 00 00 > > 00 00 > > > phase2 - hexdump_ascii(len=): > > > 61 75 74 68 3d 4d 53 43 48 41 50 56 32 auth=MSCHAPV2 > > > auth_alg: 0x1 > > > identity - hexdump_ascii(len=): > > > ca_cert - hexdump_ascii(len=): > > > 2f 65 74 63 2f 73 73 6c 2f 63 65 72 74 73 2f 41 /etc/ssl/certs/A > > > 64 64 54 72 75 73 74 5f 45 78 74 65 72 6e 61 6c ddTrust_External > > > 5f 52 6f 6f 74 2e 70 65 6d _Root.pem > > > password - hexdump_ascii(len=): [REMOVED] > > > Line: 32 - start of a new network block > > > ssid - hexdump_ascii(len=): HOME2 > > > PSK - hexdump(len=): [REMOVED] > > > Priority group 0 > > > id=0 ssid='HOME' > > > id=1 ssid='eduroam' > > > id=2 ssid='HOME2' > > > Add interface iwm0 to a new radio N/A > > > iwm0: Failed to attach pkt_type filter > > > iwm0: Own MAC address: 38:00:25:6c:76:6d > > > iwm0: RSN: flushing PMKID list in the driver > > > iwm0: Setting scan request: 0.100000 sec > > > ENGINE: Loading builtin engines > > > ENGINE: Loading builtin engines > > > EAPOL: SUPP_PAE entering state DISCONNECTED > > > EAPOL: Supplicant port status: Unauthorized > > > EAPOL: KEY_RX entering state NO_KEY_RECEIVE > > > EAPOL: SUPP_BE entering state INITIALIZE > > > EAP: EAP entering state DISABLED > > > ctrl_interface_group=0 (from group name 'wheel') > > > iwm0: Added interface iwm0 > > > iwm0: State: DISCONNECTED -> DISCONNECTED > > > iwm0: Using OpenBSD - overriding ap_scan configuration > > > EAPOL: disable timer tick > > > > > > Here is the output after sending a ctrl-C to the terminal: > > > ^Ciwm0: Removing interface iwm0 > > > iwm0: Request to deauthenticate - bssid=00:00:00:00:00:00 > > > pending_bssid=00:00:00:00:00:00 reason=3 (DEAUTH_LEAVING) > > state=DISCONNECTED > > > iwm0: State: DISCONNECTED -> DISCONNECTED > > > EAPOL: External notification - portEnabled=0 > > > EAPOL: External notification - portValid=0 > > > iwm0: WPA: Clear old PMK and PTK > > > iwm0: Cancelling scan request > > > iwm0: Cancelling authentication timeout > > > Remove interface iwm0 from radio > > > Remove radio > > > iwm0: CTRL-EVENT-TERMINATING > > > > > > > > > And here's my wpa_supplicant.conf (with ssid's and psk's removed): > > > ctrl_interface=/var/run/wpa_supplicant > > > ctrl_interface_group=wheel > > > eapol_version=2 > > > ap_scan=1 > > > fast_reauth=1 > > > update_config=1 > > > > > > network={ > > > ssid="HOME" > > > psk=PASSWORD > > > } > > > > > > # Eduroam > > > network={ > > > ssid="eduroam" > > > scan_ssid=1 > > > key_mgmt=WPA-EAP > > > eap=PEAP > > > phase2="auth=MSCHAPV2" > > > auth_alg=OPEN > > > identity="burne251@umn.edu" > > > ca_cert="/etc/ssl/certs/AddTrust_External_Root.pem" > > > password="Here I am, here I remain." > > > } > > > > > > network={ > > > ssid="HOME2" > > > psk=PASSWORD > > > } > > > > > > Any help would be very much appreciated! > > [prev in list] [next in list] [prev in thread] [next in thread]