wpa_supplicant 说网络已禁用

tag-icon tag-icon networking gentoo wpa-supplicant wpa wpa2-eap
wpa_supplicant 说网络已禁用

当尝试在 Gentoo Linux 上连接到网络(特别是大学的 WPA2 企业网络)时wpa_supplicant,如果未设置该标志,网络将显示为禁用。

我的wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant

network={
    ssid="TheNetwork"
    eap=PEAP
    identity="redacted"
    password="redacted"
    ca_cert="/etc/ssl/certs/AddTrust_External_Root.pem"
    ca_path="/etc/ssl/certs/"
    phase1="peapver=0"
    phase2="auth=MSCHAPV2"
}

network={
    ssid="Another network that works"
    key_mgmt=NONE
    disabled=1 # This is obviously not normally disabled
}

network={
    ssid="Yet another working network"
    psk="redacted"
    disabled=1 # Likewise
}

的输出sudo wpa_supplicant -iwlp3s0 -c/etc/wpa_supplicant/wpa_supplicant.conf -d,删除了重复行:

wpa_supplicant v2.6
random: Trying to read entropy from /dev/random
Successfully initialized wpa_supplicant
Initializing interface 'wlp3s0' conf '/etc/wpa_supplicant/wpa_supplicant.conf' driver 'default' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant/wpa_supplicant.conf' -> '/etc/wpa_supplicant/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
    Priority group 0
   id=0 ssid='TheNetwork'
   id=1 ssid='Another network that works'
   id=2 ssid='Yet another working network'
nl80211: Supported cipher 00-0f-ac:1
...
nl80211: Supported cipher 00-0f-ac:9
nl80211: Using driver-based off-channel TX
nl80211: Driver-advertised extended capabilities (default) - hexdump(len=8): 00 00 00 00 00 00 00 40
nl80211: Driver-advertised extended capabilities mask (default) - hexdump(len=8): 00 00 00 00 00 00 00 40
nl80211: interface wlp3s0 in phy phy0
nl80211: Set mode ifindex 4 iftype 2 (STATION)
nl80211: Subscribe to mgmt frames with non-AP handle 0x55701974e5f0
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x55701974e5f0 match=0104
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x55701974e5f0 match=040a
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x55701974e5f0 match=040b
...
rfkill: initial event: idx=1 type=1 op=0 soft=0 hard=0
netlink: Operstate: ifindex=4 linkmode=1 (userspace-control), operstate=5 (IF_OPER_DORMANT)
Add interface wlp3s0 to a new radio phy0
nl80211: Regulatory information - country=US (DFS-FCC)
nl80211: 2402-2472 @ 40 MHz 30 mBm
nl80211: 5170-5250 @ 80 MHz 23 mBm
nl80211: 5250-5330 @ 80 MHz 23 mBm (DFS)
nl80211: 5490-5730 @ 160 MHz 23 mBm (DFS)
nl80211: 5735-5835 @ 80 MHz 30 mBm
nl80211: 57240-63720 @ 2160 MHz 40 mBm
nl80211: Added 802.11b mode based on 802.11g information
wlp3s0: Own MAC address: [redacted]
wpa_driver_nl80211_set_key: ifindex=4 (wlp3s0) alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0
...
wpa_driver_nl80211_set_key: ifindex=4 (wlp3s0) alg=0 addr=(nil) key_idx=5 set_tx=0 seq_len=0 key_len=0
wlp3s0: RSN: flushing PMKID list in the driver
nl80211: Flush PMKIDs
wlp3s0: No enabled networks (3 disabled networks)
wlp3s0: State: DISCONNECTED -> INACTIVE
ENGINE: Loading dynamic engine
ENGINE: Loading dynamic engine
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
nl80211: Skip set_supp_port(unauthorized) while not associated
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
Using existing control interface directory.
ctrl_iface bind(PF_UNIX) failed: Address already in use
ctrl_iface exists, but does not allow connections - assuming it was leftover from forced program termination
Successfully replaced leftover ctrl_iface socket '/var/run/wpa_supplicant/wlp3s0'
wlp3s0: Added interface wlp3s0
wlp3s0: State: INACTIVE -> DISCONNECTED
nl80211: Set wlp3s0 operstate 0->0 (DORMANT)
netlink: Operstate: ifindex=4 linkmode=-1 (no change), operstate=5 (IF_OPER_DORMANT)
random: Got 20/20 bytes from /dev/random
EAPOL: disable timer tick

让我印象深刻的是那条线wlp3s0: No enabled networks (3 disabled networks)。尽管事实上显然只有两个禁用网络,但这种情况还是出现了。尽管缺少标志,第一个网络仍被禁用的进一步证据disabled=1是,当与其他两个网络一起运行 wpa_supplement 命令时已启用,执行扫描并输出,但所有相关 AP 都被跳过为“已禁用”、“SSID 不匹配”和“SSID 不匹配”,即使 SSID 明显匹配。当在删除其他两个网络的情况下运行 wpa_supplicant 时,wlp3s0: No enabled networks (1 disabled networks)会出现该行。

配置中的什么原因导致出现这种情况?

答案1

当您network在 中声明块时,wpa_supplicant.conf默认值为key_mgmt(WPA-PSK IEEE8021Xconfig.c设置为DEFAULT_KEY_MGMT,的定义DEFAULT_KEY_MGMT)。稍后,当检查网络是否“禁用”时,检查之一是该块是否key_mgmt=WPA-PSK但确实不是psk=设定

因此,您的网络块存在两个问题。

  1. wpa_supplicant甚至不会尝试进行 PEAP 身份验证,因为您没有key_mgmt=WPA-EAP.我自己无法对此进行测试,但您在评论中提到设置此功能有帮助。

  2. 由于您使用的是默认值key_mgmt=WPA-PSK IEEE8021X,因此您的块将被视为禁用,因为您尚未设置psk。显然,第二个问题并不是您真正关心的问题,因为您打算使用 PEAP ;-)。

基于wpa_supplicant-2.6

相关内容