Re: how to set psk-flags=0 disabling encrypted psk storage as default for gnome-network-manager

On Fri, 2020-03-13 at 09:05 +0100, Jelle de Jong via networkmanager-
list wrote:
Thank you Thomas for taking the time to reply,

I understand what you write and that by using the nmcli I can create 
manual profiles as administrator that behave the way I want.

How co I find support for network-manager-gnome nm-applet I need it
change it default behavior and store wifi profiles created as users
wifi-sec.psk-flags 0 and connection.permissions empty.

Do you know the dbus or policy options or user profile or general
settings to make the client behave this way?

I not looking for a way where I can do this manually when making
new WiFi connections, I need the default behavior set.


As said before: the client that creates/modifies the profile,
determines its content.

so, your question really revolves around which tool you are using to
create/modify the profile, and whether that allows you to choose
certain defaults. There is no answer because it depends.

You talk about nm-applet. The only way how nm-applet can create a
profile, is when you click on a Wi-fi SSID. Then it's similar to `nmcli
device wifi connect ssid "$SSID"`. In that case, nm-applet does not
allow you to pre-determine the settings of the new profile (except the
comment about connection.permission below).

Most clients already default to wifi-sec.psk-flags=0 and

Except, if your user has no PolicyKit permissions to create system-wide 
profiles, then most clients will default to
"connection.permission=user:$USER". Of course, if they wouldn'd do
that, you may not be able to configure the profile in the first

Check the org.freedesktop.NetworkManager.settings.modify.own and
org.freedesktop.NetworkManager.settings.modify.system permissions with
`nmcli general permissions`. If you give your user permissions
"modify.system", then certain clients will prefer to set


On 2020-03-13 07:47, Thomas Haller wrote:
On Thu, 2020-03-12 at 23:44 +0100, Jelle de Jong via
list wrote:
Hi everybody,

I want to find a way to keep WiFi networks connected before user
or logoff.

That implies that you do not restrict the profile to a certain
Meaning: "connection.permissions" is left unset/empty.

The problem seems to be that network-manager tries to auto
does not have access to the encrypted key. I am going through the
and there is an psk-flags=0 that should tell to not use encrypted

The docs that you refer to is possbly `man nm-settings`.

How do I set psk-flags=0 as default for gnome-network-manager, i
seem to find the right dbus or polkit policy.

As said, there is no "default".

This is a setting of each profile, there is no default. Also, the
setting is determined by the client tool that creates/modifes the
profile. NetworkManager doesn't really apply a default.

tried the bellow in /etc/NetworkManager/NetworkManager.conf but

Don't configure per-profile settings in NetworkManager.conf. There
`man NetworkManager.conf` for general NetworkManager configuration
`man nm-settings` for per-profile settings.

You can set profile values in several ways:

   nmcli connection show "$PROFILE"
   nmcli connection modify "$PROFILE" wifi-sec.psk-flags 0

you can also set this via most of the GUIs, like nm-connection-
or plasma-nm.

You can also edit the profile on disk, but that would then be in
/etc/NetworkManager/system-connections (or similar). See the
used file via `nmcli -f all connection`. If you edit the file, you
to first do `nmcli connection reload` or `nmcli connection load



Kind regards,

Jelle de Jong
networkmanager-list mailing list
networkmanager-list gnome org

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]