Hello Thomas, Sorry for the late reply. Georg Müller (https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/756 <https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/756>) also highlighted the approach of back porting the patch and rebuild Network Manager.
Regarding the wpa_supplicant I was also not successful in configuring it in such a way that WPS is not activated. If you come across a good idea, let me know. Thanks a lot and best regards, Florian Klein smartdings Weilimdorfer Straße 45 70825 Korntal-Münchingen +49 159 06450487 i...@smartdings.com www.smartdings.com Check out our visualisation solution: www.easyvis.io > On 9. Apr 2021, at 11:48, Thomas Haller <thal...@redhat.com> wrote: > > On Fri, 2021-04-09 at 10:41 +0200, Florian Klein wrote: >> Hello Thomas, >> >> Thanks a lot for your reply. This is really helpful. >> >> In the meantime I found that this issue got fixed last month in >> Network Manager: >> https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/756 > > Oh, I was not aware of this. > > >> But because we do not have a way to use the latest version it would >> be wonderful to find a workaround. > > if you rebuild NetworkManager, then it should be simple to backport > this patch. But indeed, it is undesirable to maintain your own > package... > >> I tried to disable wps in the wpa_supplicant config [1] file but this >> did not work. Is this the right way to adjust it? Is this even the >> wpa_supplicant config used by network manager? > > I thought that might work. I tried, and even with debug logging > wpa_supplicant does not log that it was reading the config file and it > didn't complain about bogus entries in the configuration. But it should > have used the file... I don't know. > > I'd suggest to run wpa_supplicant with debug logging (-ddd) and check > the logs, if you didn't already do that. > > > best, > Thomas > >> >> Thanks a lot and best regards, >> >> Florian >> >> [1] Added to >> /etc/wpa_supplicant/wpa_supplicant.conf >> >> ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev >> wps_disabled=1 >> update_config=1 >> country=DE >> >> >> >>> On 9. Apr 2021, at 08:42, Thomas Haller <thal...@redhat.com> wrote: >>> >>> On Wed, 2021-04-07 at 17:18 +0200, Florian Klein wrote: >>>> Dear Network Manager Experts, >>>> >>>> we are opening an Access Point with network manager (on a RPI4 >>>> with >>>> Raspbian) and everything is working fine except that when >>>> connecting >>>> from Windows 10 we are asked for a pin first (probably wps pin) >>>> instead >>>> of getting shown directly the passphrase field to enter. This is >>>> not >>>> observed on Mac and Linux. >>>> >>>> Our wifi-ap configuration: >>>> sudo nmcli c add con-name wifi-ap type wifi ssid test >>>> ifname >>>> wlan0 save yes autoconnect yes 802-11-wireless.mode ap 802-11- >>>> wireless.band bg ipv4.method shared wifi-sec.key-mgmt wpa-psk >>>> wifi- >>>> sec.psk "test1234" >>>> >>>> >>>> We already tried multiple configurations from the provided page: >>>> >>>> https://developer.gnome.org/NetworkManager/stable/settings-802-11-wireless-security.html >>>> like: >>>> - wps-method 1 >>>> - proto rsn >>>> - pairwise ccmp >>>> >>>> But nothing really helped. Would be fantastic to get your support >>>> here. >>>> Thanks >>> >>> >>> Hi Florian, >>> >>> >>> in another email you said that you are using Version 1.14.6, from >>> Raspian10. That's is quite an old version and it might be >>> interesting >>> to try a recent version. But in practice, I don't think your >>> question >>> will be solved by that, so OK. >>> >>> NetworkManager's "wifi.mode ap" is something simple that is mainly >>> aimed for simple setups. The reason is that if you run a "serious" >>> access point, you might want to configure countless parameters >>> related >>> to Wi-Fi, but then also want more control over the DHCP and DNS >>> server. >>> NetworkManager does that all, but the configuration options are not >>> that extended. So, consider whether NetworkManager is the right >>> choice >>> here. But we really want NetworkManager to be stellar also in such >>> cases, so it's not that we say: "such usecase is not supported". >>> But: >>> "maybe it doesn't work that well yet, but we'd hope to improve on >>> that >>> (e.g. by adding new configuration options and fix issues in certain >>> use-cases)". >>> >>> >>> OK, more to your actual question... >>> >>> >>> NetworkManager uses wpa_supplicant's AP mode. wpa_supplicant is the >>> sibling of hostapd, and both are highly configurable. Your problem >>> indeed seems to be related to WPS. I am not familiar with this, so >>> I >>> don't know the solution. I would think you first should understand >>> how >>> to configure this in wpa_supplicant (or hostapd). And then, in a >>> second >>> step, how to bring NetworkManager to get that right. >>> >>> What NetworkManager does, is relatively simple. Enable >>> `level=TRACE` >>> logging (see [1]), then NetworkManager will log the options that it >>> sets in supplicant, like >>> >>> Config: added 'mode' value '2' >>> >>> ('2' means AP mode). NetworkManager configures wpa_supplicant via >>> the >>> D-Bus API. >>> >>> >>> I think there is a "wps_disabled" option in wpa_supplicant.conf. >>> It's >>> not clear whether "wps_disabled" is really the right solution to >>> your >>> problem. But if it is, you might be able to set that in >>> wpa_supplicant.conf so that it gets honored. >>> >>> If it's really about wps_disabled, I guess you could also re- >>> compile >>> supplicant package without WPS support. Would be at least >>> interesting >>> as a try. >>> >>> If that is the right solution, then maybe this should be set by >>> NetworkManager (but I think the flag is currenlty not configurable >>> via >>> D-Bus(?)). Anyway, it would be interesting later to improve >>> NetworkManager to get this right. >>> >>> >>> [1] >>> https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/contrib/fedora/rpm/NetworkManager.conf#L49 >>> >>> >>> >>> >>> hope this gave you some ideas, >>> >>> best, >>> Thomas >> >
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
