Re: WPA-EAP with phase2

From: Volker Braun <volker braun physik hu-berlin de>
To: networkmanager-list gnome org
Subject: Re: WPA-EAP with phase2
Date: Tue, 22 May 2007 13:40:11 +0000 (UTC)

Why does network manager insist on setting the pairwise/group ciphers at 
all? The wpa_supplicant default is

  pairwise=CCMP TKIP
  group=CCMP TKIP WEP104 WEP40

and that should cover all bases. Side effect: one less configuration 
option, yay! 

For those that transmit sensitive information via broadcast  one could 
have a checkbox "Avoid WEP ciphers" or some such. But in that scenario 
these ciphers really have to be turned off on the AP side, disallowing 
them on the client side just makes it impossible to connect.

Irregardless, I really don't understand why anybody would use 
pairwise=TKIP and group=WEP104. Old hardware that only needs to see 
broadcast packets? 

Volker

On Mon, 21 May 2007 15:48:38 +0200, Ralf Rublack wrote:
> I try to connect to a wireless network with follow configuration
> (from my wpa_cupplicant.conf)
> 	key_mgmt=WPA-EAP
>         eap=TTLS
>         proto=WPA
>         pairwise=TKIP
>         group=WEP104
>         phase2="auth=PAP"

Follow-Ups:
- Re: WPA-EAP with phase2
  - From: Patrick Bogen
- Re: WPA-EAP with phase2
  - From: Ralf Rublack
- Re: WPA-EAP with phase2
  - From: Dan Williams

References:
- WPA-EAP with phase2
  - From: Ralf Rublack

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]