On Mon, Oct 24, 2022 at 12:52:48PM +0200, Shawn Adams via networkmanager-list wrote: > All, > > Perhaps I'm missing something, but do not see a UI option to enable 802.11r. > > I can edit the /etc/system/NetworkManager/<connection file> and manally set > the key-mgmt: > > [wifi-security] > key-mgmt=FT-EAP FT-EAP-SHA384
This is not a valid key-mgmt from NM point of view. When you restart NM (or after, a "nmcli connection reload") you should see something like: failed to load connection: invalid connection: 802-11-wireless-security.key-mgmt: 'ft-eap ft-eap-sha384' is not a valid value for the property in logs and the profile is not loaded. The valid values are those listed in "man nm-settings". key-mgmt Key management used for the connection. One of "none" (WEP or no password protection), "ieee8021x" (Dynamic WEP), "owe" (Opportunistic Wireless Encryption), "wpa-psk" (WPA2 + WPA3 personal), "sae" (WPA3 personal only), "wpa-eap" (WPA2 + WPA3 enterprise) or "wpa-eap-suite-b-192" (WPA3 enterprise only). > Then restart NM and this works (yes provided the driver supports, which it > does). > > FYI - can set OKC via wpa_cli. > > However; when NM is restarted, the UI config tool shows the ESSID connection > profile, but is missing > the certificate selection, i need to reconfigure via the UI. > > am I missing a more elegant method of enabling 802.11r ? Currently there isn't a way to explicitly enable or disable FT. NM automatically enables FT when wpa_supplicant reports that the wireless interface supports it. The detection is based on whether the "Capabilities" D-Bus field of the wireless interface contains "KeyMgmt=wpa-ft-psk". If you increase NM logging level to trace and restart it, you should see what capabilities are reported ('+' means supported): <debug> [1666943325.0852] sup-iface[ad2675fb588f7c6b,2,wlan0]: interface supported features: AP? FT+ SAE+ BIP+ And when connecting, you can see which configuration is passed to wpa_supplicant: <info> [1666943444.7227] Config: added 'ssid' value 'test' <info> [1666943444.7227] Config: added 'key_mgmt' value 'WPA-EAP FT-EAP FT-EAP-SHA384 WPA-EAP-SHA256' <info> [1666943444.7227] Config: added 'password' value '<hidden>' <info> [1666943444.7227] Config: added 'eap' value 'PEAP' ... Beniamino
signature.asc
Description: PGP signature
_______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list