Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp14538584rwb; Mon, 28 Nov 2022 02:11:28 -0800 (PST) X-Google-Smtp-Source: AA0mqf7zwYjMInyjXvGiAYPkyyZlXASL4XVsXmqbyC6iLnQtZbbkSiyodZdo/66yNGV8k9UYtBQH X-Received: by 2002:aa7:d7cc:0:b0:45b:4a4b:478c with SMTP id e12-20020aa7d7cc000000b0045b4a4b478cmr28633093eds.317.1669630287847; Mon, 28 Nov 2022 02:11:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669630287; cv=none; d=google.com; s=arc-20160816; b=a8SAa8jpt729dJaWJWODGce6LvAUvRnqH+NMItvjHKHXVCE1dFciuYa+dXJkTYNHIk IccogWmnafd8+QOAyb9GTjm582A/U9unXD4fU+XpRIv/5Y1GY2BZNhg0d3bUYU0ruf6E tP8TlZQ25DEa5C6uxITBkkGHrMD5jt4QjH2ItydkOALt+zBGC8EqdwTPnYJvuLtbbsfG 1jOehSMzGtn/zEfDVnhhf0zVBSd5111u5yNAjn4NAJ4+HJFSuVt30mPXtFV+fx9xH4j9 c/Ms51MMrizDVdaX0pNwbTVD7ghlrEuhVQNYOkSYa6OW5RexQtJYgEUAl35dQUlfkLnW 4WIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version; bh=A/VA+6ki5EXIaqYSTwcnhOPE4l2SbGElfflSG9GiJDU=; b=JeJuNzyww/L22A/HrLuTfSsrvwPD+d+NsHwqOz8EwunE5sZQAJ74S/e5TZC3BniIeH /DeqXxuPeWQ14DAXaf1tRSXT6VEXrCi5DJWmcgsHD4x4FmVzwBHFxP8lZhJr8RzOgCYV v/Q8dz0qLTrU2rM4RmbLT9DWB9qBsjYEBB+Z4VrmeQVN1i8Pe8Py0ySFiqQG2r/cV99w PnINwgS8HPzf+ccY8m5r60PJv6spf+RV+0F/zBgk84F8lc0YwNfLn6Cn1u39O/dJe8Nc QxJKYOynZdrpH6Im6mY2D4/f7cpksIvXrPZOPHT1JBhLxk0rj/8GzaIGAHtMfAeisKZ4 ws+Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ht16-20020a170907609000b007ae832c0b69si8977486ejc.512.2022.11.28.02.11.08; Mon, 28 Nov 2022 02:11:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229930AbiK1KFa (ORCPT + 67 others); Mon, 28 Nov 2022 05:05:30 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46706 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229731AbiK1KF3 (ORCPT ); Mon, 28 Nov 2022 05:05:29 -0500 X-Greylist: delayed 554 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Mon, 28 Nov 2022 02:05:28 PST Received: from mail.holtmann.org (coyote.holtmann.net [212.227.132.17]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 2552D10BD for ; Mon, 28 Nov 2022 02:05:28 -0800 (PST) Received: from smtpclient.apple (p4fefca0f.dip0.t-ipconnect.de [79.239.202.15]) by mail.holtmann.org (Postfix) with ESMTPSA id F0141CECBE; Mon, 28 Nov 2022 10:56:12 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\)) Subject: Re: PRO/Wireless 2200BG Intel WPA3 SSID connection problem #1 From: Marcel Holtmann In-Reply-To: Date: Mon, 28 Nov 2022 10:56:12 +0100 Cc: linux-wireless@vger.kernel.org Content-Transfer-Encoding: 7bit Message-Id: <3898EA13-74B9-43DD-960A-44FDF6BAE007@holtmann.org> References: To: Ioannis Barkas X-Mailer: Apple Mail (2.3696.120.41.1.1) X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org Hi Ioannis, >> Well, keep in mind that WPA3 requires all kinds of new things, and the >> *most recent* NIC you tried is already ~11 years old afaict. > Yes and no. Yes it needs new things. No this is not the case here. I > tested cards from 2021 back to 2003. > >> This probably means they use SW crypto for everything. > Sounds good to me since it works. > >> What makes you believe that? > The fact that some just work. Why not use SW crypto on legacy devices? > >> Umm, no? Why would we break NICs that work well with most existing >> networks, just not WPA3 ones? > You got it wrong here. What I mean is to use a flag that some devices > are not WPA3 compatible. That way when an attempt to connect at such > an SSID would print a message suggesting to use a WPA2 network. This > will help novice users and save time from bug reports. Most routers > now support WPA3. have you tried iwd instead of wpa_supplicant? I think we have taken care of ensuring that WPA3 (or more precise SAE) is only tried when all ciphers are correctly supported by the card. Otherwise it is going to stick with WPA2. In case of WPA3-only network, we will have to see what happens and if the error reported is correct. You can try iwd behind NM or standalone with iwctl command line client and it will also give you iwmon tracing tool that allows more capturing the nl80211 traffic. Regards Marcel