WPA2 in openSUSE 11.3: TKIP? or AES?

Hi,

I am wondering if WPA2 encryption in openSUSE 11.3 YAST is actually TKIP or AES? My wireless router uses the later. I keep having the problem of wireless authentication window popping up.

Thank you.

On 08/24/2010 02:36 PM, taytong888 wrote:
>
> Hi,
>
> I am wondering if WPA2 encryption in openSUSE 11.3 YAST is actually
> TKIP or AES? My wireless router uses the later. I keep having the
> problem of wireless authentication window popping up.

It is AES for WPA2 and TKIP for WPA. YaST has nothing to do with it - encryption
is handled by wpa_supplicant whether you use NetworkManager or ifup.

The window pops usually pops up because the secret is wrong. Look in dmesg or
/var/log/NetworkManager for clues.

Hi,

  1. dmesg:
 5675.260063] ath0: authenticated
 5675.260102] ath0: associate with 00:1f:33:b4:e1:d8 (try 1)
 5675.262267] ath0: RX AssocResp from 00:1f:33:b4:e1:d8 (capab=0x411 status=18 aid=0)
 5675.262271] ath0: 00:1f:33:b4:e1:d8 denied association (code=18)
 5675.262291] ath0: deauthenticating from 00:1f:33:b4:e1:d8 by local choice (reason=3)
  1. gedit /var/log/NetworkManager:
Aug 24 01:39:54 linux-zs9s nm-dispatcher.action: Script '/etc/NetworkManager/dispatcher.d/autofs' exited with error status 1.
Aug 24 01:40:24 linux-zs9s NetworkManager: <info>  Activation (wlan1_rename/wireless): access point 'Auto snynhatrang' has security, but secrets are required.
Aug 24 01:40:40 linux-zs9s NetworkManager: <info>  Activation (wlan0/wireless): connection 'Auto snynhatrang' has security, and secrets exist.  No new secrets needed.
Aug 24 01:41:09 linux-zs9s NetworkManager: <info>  Activation (wlan0) failed for access point (snynhatrang)
Aug 24 01:41:09 linux-zs9s NetworkManager: <info>  Marking connection 'Auto snynhatrang' invalid.
Aug 24 01:46:06 linux-zs9s NetworkManager: <WARN>  nm_device_wifi_set_mode(): error setting card wlan0 to mode 2: Network is down.
Aug 24 03:29:10 linux-zs9s nm-dispatcher.action: nm_dispatcher_action: Invalid connection: '(null)' / 'connection setting not found' invalid: 1
Aug 24 03:29:10 linux-zs9s NetworkManager: supplicant_interface_acquire: assertion `mgr_state == NM_SUPPLICANT_MANAGER_STATE_IDLE' failed
Aug 24 11:07:45 linux-zs9s NetworkManager: &lt;info&gt;  Found wlan radio killswitch rfkill0 (at /sys/devices/pci0000:00/0000:00:06.0/0000:02:00.0/ieee80211/phy0/rfkill0) (driver &lt;unknown&gt;)
Aug 24 11:09:26 linux-zs9s NetworkManager: &lt;WARN&gt;  default_adapter_cb(): bluez error getting default adapter: The name org.bluez was not provided by any .service files....

I don’t understand a lot of these “error messages”. Please let me know how I can sort the problem. Thank you.

On 08/24/2010 08:36 PM, taytong888 wrote:
>
> Hi,
>
> 1) dmesg:
>
> Code:
> --------------------
> 5675.260063] ath0: authenticated
> 5675.260102] ath0: associate with 00:1f:33:b4:e1:d8 (try 1)
> 5675.262267] ath0: RX AssocResp from 00:1f:33:b4:e1:d8 (capab=0x411 status=18 aid=0)
> 5675.262271] ath0: 00:1f:33:b4:e1:d8 denied association (code=18)
> 5675.262291] ath0: deauthenticating from 00:1f:33:b4:e1:d8 by local choice (reason=3)
> --------------------

Reason 18 is an invalid group cipher. You have not configured WPA or WPA2 correctly.

Hi,

I did check every character, some how cannot connect to my own access point which is only a few feet away (B-G-N, WPA2-PSK authentication, 60+ characters AES encryption). Wireless authentication windows pops up regularly whenever I try to connect to it.

It’s odd that even though via YAST ifup I set up wireless connection to the above, eventually the laptop connects only to my brother’s AP next door which is G-N, WPA-PSK, TKIP and 10+ characters. Has /var/log/NetworkManager revealed anything to you?

Since then, I have editted all connections via NM icon to allow access by “everyone”, i.e. only me and admin (myself) and the wireless authentication problem seems resolved as far as connection nextdoor is concerned.

On 08/25/2010 12:06 AM, taytong888 wrote:
>
> Hi,
>
> I did check every character, some how cannot connect to my own access
> point which is only a few feet away (B-G-N, WPA2-PSK authentication, 60+
> characters AES encryption). Wireless authentication windows pops up
> regularly whenever I try to connect to it.

There may be a bug that limits the key length and your 60+ may be too long. If
you can, please try a key of 20 characters.

I suspect the long key length too, although I never had any problems with Broadcom wl STA driver running Linksys WPC300N in Win 7, Ubuntu 10.04 and Fedora13. Just checked ath0 using rfkill but nothing was blocked.

i have the same problem lately, but it was working fine till now. i just assume it is caused by some os updates, because nothing else changed. i have a netbook, samsung nc10, and suse 11.3 kde 4.5.3. i am conecting to my netgear router from the same room. i use wpa2 + aes, 63 char wifi key. after 15-20 min i got disconnected, the window pop up. i check the pass and pres ok. the window pop up again. after 3 attempts no more pop ups, no internet connection. in my router there if option " wpa2 aes" and “wpa2 aes + tkip”. so i selected the second one “aes + tkip” and no more problems. now my netbook uses TKIP encryption (checked the properties). as i mentioned, it was working ok since the release of 11.3, it all started a week ago, maybe 2. hope in next updates the bug fill be fixed.
note: tkip is for wpa2, and not for wpa! aes+tkip means ,i presume, a device tries AES, if it fails, it tries TKIP.

Wi-Fi Alliance: Glossary

I would guess that in your (probably WPA2TM-certified) will have the ability to fall back to the ‘security’ of the old WPA standard (because of the backwards compatibility) - and so uses now the vulnerable :open_mouth: TKIP (Temporal Key Integrity Protocol) from 2002.
So my greetings to you and also to Martin Beck, Erik Tews, Finn M. Halvorsen, Olav Haugen, Martin Eian, Stig F. Mjølsnes, Toshihiro Ohigashi and Masakatu Morii :sarcastic:

Have a lot of luck!
pistazienfresser