From nobody Mon Mar 03 19:03:05 2025 X-Original-To: wireless@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Z67WH5XDkz5qFK9 for ; Mon, 03 Mar 2025 19:03:23 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: from mail-yw1-x112f.google.com (mail-yw1-x112f.google.com [IPv6:2607:f8b0:4864:20::112f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Z67WH3QGcz3SDK; Mon, 03 Mar 2025 19:03:23 +0000 (UTC) (envelope-from kob6558@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-yw1-x112f.google.com with SMTP id 00721157ae682-6f47ed1f40dso36709927b3.1; Mon, 03 Mar 2025 11:03:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741028602; x=1741633402; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=lwAxV8WPwDySblbezVYbdNMkbGtTScqKQQ0Kmwpo34M=; b=TS5PhC6BmF8udg/0P7//aB+6LtW5OOq41Rp4rtYcL54dEp9uF3eKNDc18kU5gPpJwY 5ldFsndlQz2w2wgnF2QJcgNvihax2ED9FLZZF/mJAZrFSIQkHXmgTpJ59hhBBYbtT0XO rNWfwIvTMZCzvK7scngwH2qvWwNzVCoabspHC21L6BxIQKe4AfvrmeedsyGzbsdefRc3 7gZkTdeoCEOknQeH/SyW1BW5wYmyrnf7/MzB6mNgQ/nSnrhAZNSLERmdph68N5YiofWl McSXmpW2fCsvM7mNvX0Dovab26EkXssSF/j7DLVGSrb5O8lotItsW8pCm0cFevklggjf 3ycg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741028602; x=1741633402; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=lwAxV8WPwDySblbezVYbdNMkbGtTScqKQQ0Kmwpo34M=; b=qbSeh4WbYvwFUzwJCrGPtg9YO+JipZGUO1iFUErCp/V6nfpcxvMcqqIOtUTPBoubjL MdKM6aSKMslV5ARY8mXJwjeLw1YxXFcqptL6Lxkllj87wKySfKR2WHENTP18/zCQyjxf 7KXOtPlPOAHPRAr1ynkNP9+8nWAPrV5Tl2uKXb4WyZJCVcYw2nsrmbWsBBX5mV/gTWep 9pAgJhILxdpJGxLcr4SzL70WYH+LNMZZQdIzw4xURRaX3gSiQIGWU0gAeebYsY5Lwf5d 1zBmhfl9jrF6FdAELunwhuKvDLnL2Sdjg52DJqhxUqYY4aUT/CsvlTEMPYdOtn3smaeT AP2w== X-Gm-Message-State: AOJu0Yx9rMF4CA4TnrNjENQ+sa5VQtHWoj2YvdmOR0lHfsCnxYix+FvN L6fBk6XKSlpve2agu01BZnf8bIsA4UrRrXYC2qEDzx/bsT0pZ+Sk+EiakEJYHm9N5hoc6DlfbUw /CEQGpUBlQ3Fru6VFF3ZLvFUNIM7PWw== X-Gm-Gg: ASbGnctHH2HbLecyMHX+suVaF3x1z/HQ2EoKStimoZ9Hg9yRr2h6FJxIVtoY60+aT+f /zT1BMIkK4x8bwg9V1qYskh8xQXHvtZPI0n1+g4v7NELwuv0Z6eXHO+6Ym85Sz7yAUHWnFFJAqz DtvR4jGkJqXF89+ZSh966s51Hmxpg= X-Google-Smtp-Source: AGHT+IHkfYVUnI03XOy0PN+ahKmqdi5voYgC8KRkN/c62JW6JLOiJ3EtmCJWJENEBPhr7CCusCNwwhOo/VtieAfs1j4= X-Received: by 2002:a05:690c:45c5:b0:6fd:3727:6476 with SMTP id 00721157ae682-6fd4a04aaadmr207814887b3.11.1741028602113; Mon, 03 Mar 2025 11:03:22 -0800 (PST) List-Id: Discussions List-Archive: https://lists.freebsd.org/archives/freebsd-wireless List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-wireless@freebsd.org Sender: owner-freebsd-wireless@FreeBSD.org MIME-Version: 1.0 References: <65084192-3261-nqoq-rq74-75873pssp0or@serrofq.bet> In-Reply-To: From: Kevin Oberman Date: Mon, 3 Mar 2025 11:03:05 -0800 X-Gm-Features: AQ5f1Jo3fsAB1h_tANzlwGRGqVCP7zzVnAnwBJuDudwmmcp4vhVDP1egpHe_sA4 Message-ID: Subject: Re: iwlwifi / rtw88 / rtw89 hw crypto request for test (precon for HT/VHT) To: "Bjoern A. Zeeb" Cc: FreeBSD wireless mailing list Content-Type: multipart/alternative; boundary="0000000000005f7578062f74cf5d" X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Queue-Id: 4Z67WH3QGcz3SDK X-Spamd-Bar: ---- --0000000000005f7578062f74cf5d Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, Mar 3, 2025 at 3:14=E2=80=AFAM Bjoern A. Zeeb wrot= e: > On Sun, 2 Mar 2025, Kevin Oberman wrote: > > > On Sun, Mar 2, 2025 at 4:56=E2=80=AFPM Bjoern A. Zeeb = wrote: > > > >> On Sun, 2 Mar 2025, Kevin Oberman wrote: > >> > >> Hi Kevin, > >> > >>> I was excited to see that it looked like 802.11n was on the way! Trie= d > >>> step one, enabling 802.11 crypto, and had no luck at all. I know my > AX211 > >>> supports CCMP, but attempting to boot gets: > >>> wlan0: link state changed to UP > >>> iwlwifi0: _lkpi_iv_key_set: CIPHER SUITE 0xfac02 (TKIP) not supported > >>> wlan0: link state changed to DOWN > >>> > >>> Why don't I see any attempt to do CCMP? Am I looking at an issue with > the > >>> Arris WiFi provided by my carrier (Frontier)? I can't find any > reference > >> to > >>> encryption in the DHCP configuration. Mine is very basic PSK: > >>> network=3D{ > >>> ssid=3D"My BSS" > >>> psk=3D"My key" > >>> priority=3D5 > >>> } > >> > >> Do you have access to the AP? I am not sure from what you say. > >> If you do: do you still need TKIP or can you turn it off? > >> > >> For more see the posting from a few days ago how to configure > >> wpa_supplicant.conf: > >> > >> > https://lists.freebsd.org/archives/freebsd-wireless/2025-February/002912.= html > >> > >> Let me know if that helps! > >> > >> Lots of joy, > >> Bjoern > >> > >> I had assumed that the default of "CCMP TKIP" was adequate. Maybe it i= s, > > since the error I get now points elsewhere... at me. (Maybe) > > Even if it was, you don't want TKIP anymore. > > > > With the config updated, it still fails to start the network, but, with > no > > option other than CCMP available, the supplicant dies with > > "/etc/rc.d/wpa_supplicant: > > WARNING: failed to start wpa_supplicant". I see no indication that > > anything special is required to allow the supplicant to use CCMP or > > anything needed in the configuration other than the pairwise/group. > > Did it log anything as to why it did not want to start? > I think by default it goes to /var/log/daemon.log > > > > I do > > have access to the AP. The box supports 11ac, though I see no reference > to > > any crypto protocol in the specifications. > > That is sad. No option for WPA-PSK vs. WPA2-PSK or similar setting > behind which a change of this could hide? > > > If all strings fail, would you be able to test a patch? > > Bjoern I have only the choice between WPA-PSK and WPA-Default Password. For 2.4G, I also can select WEP or Off. I also have a choice between WPA2 and WPA/WPA2 when WPA is selected. Looks like I'm stuck for hte time being. I may think about a new router/AP in hte future, but with Verizon buying Frontier this spring, I'm a bit hesitant to spend $$$ on hardware that may be obsoleted in a few months. I will be changing to Comsast when I move in April, as well, with a different router/AP which is mine, not Comcast's. I am probably about due to update it as it supports 11n, but nothing newer. Thanks for helping and I'll just have to wait for TKIP support or my move north to Comcast territory. --=20 Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkoberman@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 --0000000000005f7578062f74cf5d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Mon, Mar 3, 2025 at 3:14=E2= =80=AFAM Bjoern A. Zeeb <bz@freebsd.or= g> wrote:
On Sun, 2 Mar 2025, Kev= in Oberman wrote:

> On Sun, Mar 2, 2025 at 4:56=E2=80=AFPM Bjoern A. Zeeb <bz@freebsd.org> wrote:
>
>> On Sun, 2 Mar 2025, Kevin Oberman wrote:
>>
>> Hi Kevin,
>>
>>> I was excited to see that it looked like 802.11n was on the wa= y! Tried
>>> step one, enabling 802.11 crypto, and had no luck at all. I kn= ow my AX211
>>> supports CCMP, but attempting to boot gets:
>>> wlan0: link state changed to UP
>>> iwlwifi0: _lkpi_iv_key_set: CIPHER SUITE 0xfac02 (TKIP) not su= pported
>>> wlan0: link state changed to DOWN
>>>
>>> Why don't I see any attempt to do CCMP? Am I looking at an= issue with the
>>> Arris WiFi provided by my carrier (Frontier)? I can't find= any reference
>> to
>>> encryption in the DHCP configuration. Mine is very basic PSK:<= br> >>> network=3D{
>>>=C2=A0 ssid=3D"My BSS"
>>>=C2=A0 psk=3D"My key"
>>>=C2=A0 priority=3D5
>>> }
>>
>> Do you have access to the AP?=C2=A0 I am not sure from what you sa= y.
>> If you do: do you still need TKIP or can you turn it off?
>>
>> For more see the posting from a few days ago how to configure
>> wpa_supplicant.conf:
>>
>> https://lists.= freebsd.org/archives/freebsd-wireless/2025-February/002912.html
>>
>> Let me know if that helps!
>>
>> Lots of joy,
>> Bjoern
>>
>> I had assumed that the default of "CCMP TKIP" was adequa= te. Maybe it is,
> since the error I get now points elsewhere... at me. (Maybe)

Even if it was, you don't want TKIP anymore.


> With the config updated, it still fails to start the network, but, wit= h no
> option other than CCMP available, the supplicant dies with
> "/etc/rc.d/wpa_supplicant:
> WARNING: failed to start wpa_supplicant".=C2=A0 I see no indicati= on that
> anything special is required to allow the supplicant to use CCMP or > anything needed in the configuration other than the pairwise/group.
Did it log anything as to why it did not want to start?
I think by default it goes to /var/log/daemon.log


>=C2=A0 I do
> have access to the AP. The box supports 11ac, though I see no referenc= e to
> any crypto protocol in the specifications.

That is sad.=C2=A0 No option for WPA-PSK vs. WPA2-PSK or similar setting behind which a change of this could hide?


If all strings fail, would you be able to test a patch?

Bjoern

I have only the choice between = WPA-PSK and WPA-Default Password. For 2.4G, I also can select WEP or Off. I= also have a choice between WPA2 and WPA/WPA2 when WPA is selected. Looks l= ike I'm stuck for hte time being. I may think about a new router/AP in = hte future, but with Verizon buying Frontier this spring, I'm a bit hes= itant to spend $$$ on hardware that may be obsoleted in a few months. I wil= l be changing to Comsast when I move in April, as well, with a different ro= uter/AP which is mine, not Comcast's. I am probably about due to update= it as it supports 11n, but nothing newer.

Thanks for helping and I'll just have to wait for TKIP support or my= move north to Comcast territory.
--
= Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail:= rkoberman@gmail.c= om
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055= 683
--0000000000005f7578062f74cf5d--