Dan Williams wrote:
> On Tue, 2007-10-16 at 23:25 +0200, Giovanni Lovato wrote:
>> Dan Williams wrote:
>>> On Tue, 2007-10-16 at 18:04 +0200, Giovanni Lovato wrote:
>>>> Dan Williams wrote:
>>>> [CUT]
>>>>>> Reading log files I guess my keyring is being unlocked correctly:
>>>>>>
>>>>>> gdm[6175]: pam_unix(gdm:session): session opened for user giovanni by
>>>>>> (uid=0)
>>>>>> gdm[6175]: gkr-pam: unlocked 'login' keyring
>>>>>>
>>>>>> And it seems also NM is receiving the key:
>>>>>>
>>>>>> <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
>>>>>> <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
>>>>>> <info> Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled...
>>>>>> <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
>>>>>> <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
>>>>>> <info> Activation (wlan0/wireless): access point 'Laurelin' is
>>>>>> encrypted, but NO valid key exists. New key needed.
>>>>>> <info> Activation (wlan0) New wireless user key requested for network
>>>>>> 'Laurelin'.
>>>>>> <info> Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
>>>>>> <info> Activation (wlan0) New wireless user key for network 'Laurelin'
>>>>>> received.
>>>>>> <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled...
>>>>>> <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) started...
>>>>>> <info> Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled...
>>>>>> <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
>>>>>> <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
>>>>>> <info> Activation (wlan0/wireless): access point 'Laurelin' is
>>>>>> encrypted, but NO valid key exists. New key needed.
>>>>>> <info> Activation (wlan0) New wireless user key requested for network
>>>>>> 'Laurelin'.
>>>>>> <info> Activation (wlan0) Stage 2 of 5 (Device Configure) complete.
>>>>>>
>>>>>> But doesn't bring up the interface and it loops on those stages. The key
>>>>>> is correct because if I unset gconf entries and retry to connect all
>>>>>> goes fine, it saves the key to the keyring and then connects.
>>>>>> The problem appears the next login, so I have to unset gconf entries and
>>>>>> always recreate the connection...
>>>>>>
>>>>>> I have that issue on two different fresh Gutsy installation. Do you
>>>>>> think it's a Gutsy related bug, my fault or NM?
>>>>> Can you provide the output of an 'iwlist <interface name> scan' for the
>>>>> 'Laurelin' access point?
>>>> # iwlist wlan0 scan
>>>> iwlist wlan0 scan
>>>> wlan0 Scan completed :
>>>> Cell 01 - Address: XX:XX:XX:XX:XX:XX
>>>> ESSID:"Laurelin"
>>>> Protocol:IEEE 802.11bg
>>>> Mode:Master
>>>> Channel:11
>>>> Frequency:2.462 GHz (Channel 11)
>>>> Encryption key:on
>>>> Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
>>>> 11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
>>>> 48 Mb/s; 54 Mb/s
>>>> Quality=84/100 Signal level=-50 dBm Noise
>>>> level=-50 dBm
>>>> IE: WPA Version 1
>>>> Group Cipher : WEP-40
>>>> Pairwise Ciphers (1) : WEP-40
>>>> Authentication Suites (1) : 802.1x
>>>> Extra: Last beacon: 84ms ago
>>> Wow.
>>>
>>> I've never seen an AP advertise in the WPA IE before that it only
>>> supports WEP + 802.1x. Usually those APs don't advertise that. Can you
>>> tell me the model and vendor of the AP you're using?
>>>
>>> I think technically, it's illegal to advertise WPA capability with only
>>> WEP ciphers. AFAIK WEP is allowed for the Group cipher, but you cannot
>>> use WEP as a pairwise cipher with WPA, since WPA requires either TKIP or
>>> CCMP or both as pairwise ciphers. This configuration is essentially
>>> "Dynamic WEP". So it's not surprising that NM will get this config
>>> wrong, but it's a bug in NM that should probably get fixed.
>>>
>>> All that said though, it would be great if all Dynamic WEP access points
>>> advertised like this, because then NM can make a better guess as to what
>>> type of authentication the AP supports. Seems like a case of a vendor
>>> not quite understanding how to go about advertising AP capability...
>> The AP is a USR 9106. The fact is that it always worked (and works) with
>> NM 0.6.4; also notice I have the same problem on another wireless
>> network with the newer DWL-2200AP. So I think my problem isn't related
>> to the APs...
>
> Does the DWL-2200AP 'iwlist' output look the same?
DWL-2200AP supports both WPA1/2, this is the output:
Cell 04 - Address: XX:XX:XX:XX:XX:XX
ESSID:"Telperion"
Protocol:IEEE 802.11bg
Mode:Master
Channel:13
Frequency:2.472 GHz (Channel 13)
Encryption key:on
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 9 Mb/s; 11 Mb/s
6 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
48 Mb/s; 54 Mb/s
Quality=38/100 Signal level=-86 dBm Noise
level=-86 dBm
IE: WPA Version 1
Group Cipher : WEP-40
Pairwise Ciphers (2) : WEP-40 TKIP
Authentication Suites (1) : 802.1x
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : WEP-40
Pairwise Ciphers (2) : WEP-40 TKIP
Authentication Suites (1) : 802.1x
Preauthentication Supported
Extra: Last beacon: 7332ms ago
It also supports Multi-SSID, I need it so it's enabled.
I want to recall that I had no problem connecting with NM 0.6.4, nor
with wpa_supplicant or Windows XP at this time.
G.L.
--
mail: giovanni lovato aldu net
web: http://heruan.my.aldu.net
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature