lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <27228.1268814093@localhost>
Date:	Wed, 17 Mar 2010 04:21:33 -0400
From:	Valdis.Kletnieks@...edu
To:	Johannes Berg <johannes@...solutions.net>
Cc:	linux-kernel@...r.kernel.org, linux-wireless@...r.kernel.org
Subject: Re: Weird wireless/wpa_supplicant screw-up.

On Tue, 16 Mar 2010 20:22:30 PDT, Johannes Berg said:
> On Tue, 2010-03-16 at 23:06 -0400, Valdis.Kletnieks@...edu wrote:

> > If a TX key has been set anyplace, what allows me
> > to verify that it was in fact set?
> 
> Nothing. Blame it on wext and on the fact that nobody cares.

Pretty fucking fundemental thing to not care about, being able to tell whether
or not your connection is in fact encrypted or not. But I guess you expect
users to be all-knowing and magically know that even though iwconfig says
'Encryption key: off' that in fact their connection is encrypted (unless of
course it's off because it's not encrypted), and how to troubleshoot the
difference between "not encrypted" and "lying about not being encrypted" when
the utilities in wireless-tools provide the same output in both cases.

Unfortunately, I'm a stupid idiot, and when I'm trying to get wpa_supplicant
working and hitting various unrelated certificate issues, resolve those,
finally get wpa_supplicant to say it connected, but then I type 'iwconfig'
and it *still* says "Encryption key: off", I'm unable to make the leap of
logic and say "AHA! It's encrypted now", and I start trying to find what I
still have to fix so it will say it's encrypted.

Sorry for bothering you and wasting your time.

> problem is, if there is one. If your actual problem is just that iwlist
> reports what you think is wrong information (which is just incomplete,
> it doesn't show the PTK) then that's nothing I actually care about
> fixing.

The problem is a combination of things - (a) iwlist and iwconfig report no
crypto and (b) there doesn't seem to be any *other* way for userspace to find
out that in fact you have an encrypted WPA2 connection.


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ