According to a RH bug description, the problem lies on the server side of connection.
Quote: " wpa_supplicant 2.4 may trigger this where 2.3 would not, becuase 2.4 enables some new ciphers for use with TLSv1.2, and the server may have enabled DH only for those ciphers that are now enabled. The options are to either get your network admins to fix the DH key issue by using something > 768 bits, or to disable TLSv1.2 for now until they fix it." https://bugzilla.redhat.com/show_bug.cgi?id=1241930 Too short DH key issue affects many programs (google it - sendmail, postfix, mysql etc.) Currently only option seems to be to downgrade wpa_supplicant to 2.3 as it seems to work and wait till a) a failback mechanism will be implemented to use older (and insecure!) TLS or SSL if TLS 1.2 fails or b) all eduroam RADIUS servers will be upgraded (more like never). ** Bug watch added: Red Hat Bugzilla #1241930 https://bugzilla.redhat.com/show_bug.cgi?id=1241930 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1473088 Title: network manager peap mschapv2 authentication stopped working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1473088/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
