On Wed, 2016-07-06 at 16:45 +0200, poma wrote:
On 18.06.2016 14:36, Chris Laprise wrote: [...]Is there more of a consensus now on this issue? My last attempt at using NM 1.2 with wpas 2.4 and iwlwifi driver (which supposedly uses nl80211) resulted in NM saying it couldn't turn randomization on. If I compile the latest NM 1.2 and wpas 2.5 master branches, should it work? My objective is to document the conditions and steps needed to get wifi randomization operational on Qubes OS, which is based on fedora. ChrisHave you tested recent Haller's commits? "wifi: implement MAC address randomization in NetworkManager instead of supplicant" https://cgit.freedesktop.org/NetworkManager/NetworkManager/log/?qt=gr ep&q=randomization
Hi poma, I wanted to reply to this thread, explaining what I changed there... I forgot, ... on master (upcoming 1.4.0) wpa-supplicant is no longer used to randomize MAC addresses. Instead it's done by NetworkManager. Also, this also works now with ethernet, not only Wi-Fi. Again, randomization during Wi-Fi scanning is enabled by default. It can be disabled per-device via NetworkManager.conf: [device] wifi.scan-rand-mac-address=no See `man NetworkManager.conf`. For randomzation during connection, the wifi.mac-address-randomization setting is deprecated (but still used in case you have old connections on disc). Now, you configure instead wifi.cloned-mac-address (or ethernet.cloned- mac-address). See `man nm-settings`. nmcli connection modify $MY_WIFI wifi.cloned-mac-address stable Related expert options are: * per-connection (man nm-settings): - "connection.stable-id", which affects the generated ID for with "cloned-mac-address=stable". If you have multiple connections that should generate the same MAC address. - "wifi.generate-mac-address-mask", "ethernet.generate-mac-address-mask" * per-device (man NetworkManager.conf): - "wifi.scan-generate-mac-address-mask" Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part