Jump to content
Как правильно добавить self-test и прочую отладку в тему
Где взять тестовые сборки
  • 0

4-Way handshake failed

Alexandre Bougakov

Asked by Alexandre Bougakov,

 Share

Question

Alexandre Bougakov Member

Alexandre Bougakov

Posted
Posted

Бьюсь с подключением микрокомпьютера Orange PI Zero к Giga (KN-1010) EAEU (Service tag 210-829-077-051-737). Пробовал и с последней стабильной версией прошивки, и 4.1 Beta 3.

По спецификации у "Апельсинки" - Onboard WiFi XR819, IEEE 802.11 b/g/n. lshw выдаёт 

description: Wireless interface
physical id: 6
logical name: wlan0
serial: 12:42:e8:02:49:d9
capabilities: ethernet physical wireless
configuration: broadcast=yes driver=xradio_wlan driverversion=5.4.45-sunxi firmware=N/A link=no multicast=yes wireless=IEEE 802.11

"Апельсинка" раньше прекрасно работала с Keenetic Omni II, потом лежала без дела. Сейчас достал и безуспешно бодаюсь.

Список сетей видит: 

nmcli d wifi list
IN-USE  SSID            MODE   CHAN  RATE       SIGNAL  BARS  SECURITY 
        kv405 (Guest)   Infra  2     65 Mbit/s  100     ▂▄▆█  WPA2     
        kv405 2.4GHz    Infra  2     65 Mbit/s  100     ▂▄▆█  WPA2

но при попытке соединиться выдаёт "Error: Connection activation failed: (7) Secrets were required, but not provided." 

Jan 31 22:33:12 orangepizero NetworkManager[596]: <info>  [1706729592.3548] device (wlan0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0142] keyfile: add connection /run/NetworkManager/system-connections/kv405 2.4GHz 12.nmconnection (423a545b-a8ce-4800-aee3-ab649b6e5d32,"kv405 2.4GHz 12")
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0255] device (wlan0): Activation: starting connection 'kv405 2.4GHz 12' (423a545b-a8ce-4800-aee3-ab649b6e5d32)
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0375] settings-connection[0x25868f8,423a545b-a8ce-4800-aee3-ab649b6e5d32]: write: successfully commited (keyfile: update /etc/NetworkManager/system-connections/kv405 2.4GHz 12.nmconnection (423a545b-a8ce-4800-aee3-ab649b6e5d32,"kv405 2.4GHz 12") and rename from "/run/NetworkManager/system-connections/kv405 2.4GHz 12.nmconnection")
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0383] audit: op="connection-add-activate" uuid="423a545b-a8ce-4800-aee3-ab649b6e5d32" name="kv405 2.4GHz 12" pid=2743 uid=0 result="success"
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0597] device (wlan0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0657] device (wlan0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0753] device (wlan0): state change: config -> need-auth (reason 'no-secrets', sys-iface-state: 'managed')
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.0915] device (wlan0): state change: need-auth -> config (reason 'none', sys-iface-state: 'managed')
Jan 31 22:34:24 orangepizero NetworkManager[596]: <info>  [1706729664.2352] device (wlan0): new IWD device state is connecting
Jan 31 22:34:24 orangepizero kernel: wlan0: authenticate with 52:ff:20:50:59:fa
Jan 31 22:34:24 orangepizero kernel: wlan0: send auth to 52:ff:20:50:59:fa (try 1/3)
Jan 31 22:34:24 orangepizero kernel: wlan0: authenticated
Jan 31 22:34:24 orangepizero kernel: wlan0: associate with 52:ff:20:50:59:fa (try 1/3)
Jan 31 22:34:24 orangepizero kernel: wlan0: RX AssocResp from 52:ff:20:50:59:fa (capab=0x1011 status=0 aid=5)
Jan 31 22:34:24 orangepizero kernel: wlan0: associated
Jan 31 22:34:24 orangepizero kernel: wlan0: Limiting TX power to 20 (20 - 0) dBm as advertised by 52:ff:20:50:59:fa
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Jan 31 22:34:24 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Jan 31 22:34:29 orangepizero iwd[567]: 4-Way handshake failed for ifindex: 3, reason: 15
Jan 31 22:34:29 orangepizero kernel: wlan0: deauthenticating from 52:ff:20:50:59:fa by local choice (Reason: 15=4WAY_HANDSHAKE_TIMEOUT)
Jan 31 22:34:29 orangepizero kernel: xradio WSM-WRN: Issue unjoin command(TX).
Jan 31 22:34:29 orangepizero NetworkManager[596]: <error> [1706729669.2641] device (wlan0): Activation: (wifi) Network.Connect failed: GDBus.Error:net.connman.iwd.Failed: Operation failed
Jan 31 22:34:29 orangepizero NetworkManager[596]: <info>  [1706729669.2751] device (wlan0): new IWD device state is disconnected
Jan 31 22:34:29 orangepizero NetworkManager[596]: <info>  [1706729669.2775] device (wlan0): state change: config -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Jan 31 22:34:29 orangepizero NetworkManager[596]: <warn>  [1706729669.2890] device (wlan0): Activation: failed for connection 'kv405 2.4GHz 12'
Jan 31 22:34:29 orangepizero NetworkManager[596]: <info>  [1706729669.3236] device (wlan0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')

В логе роутера: 

Jan 31 22:52:56 ndhcps sending ACK of 192.168.100.60 to 8c:aa:b5:d6:91:79.
Jan 31 22:53:01 ndm Network::Interface::Mtk::WifiMonitor: "WifiMaster0/AccessPoint0": STA(12:42:e8:02:49:d9) had associated (has FT caps).
Jan 31 22:53:01 ndm Network::Interface::Mtk::WifiMonitor: "WifiMaster0/AccessPoint0": STA(12:42:e8:02:49:d9) RSN IE differs in key handshaking (msg 2 of 4-way).
Jan 31 22:53:04 ndm Core::Syslog: last message repeated 3 times.
Jan 31 22:53:04 ndm Network::Interface::Mtk::WifiMonitor: "WifiMaster0/AccessPoint0": STA(8c:aa:b5:d6:91:79) had disassociated by STA (reason: due to inactivity).
Jan 31 22:53:05 ndm Network::Interface::Mtk::WifiMonitor: "WifiMaster0/AccessPoint0": STA(12:42:e8:02:49:d9) RSN IE differs in key handshaking (msg 2 of 4-way).
Jan 31 22:53:06 ndm Network::Interface::Mtk::WifiMonitor: "WifiMaster0/AccessPoint0": STA(12:42:e8:02:49:d9) had deauthenticated by STA (reason: PTK 4-way handshake timeout).

В процессе танцев с бубном пару раз удавалось подключиться, но только если создать новый сегмент (временную WiFi сеть), но систему не уловил.

Мощность урезал вплоть до 10%, включал-выключал опции, выключал 5 ггц совсем, оставлял только b режим - не помогает. Положил апельсинку рядом с роутером, не помогает тоже. По советам из интернета добавил в Network Manager опцию wifi.scan-rand-mac-address=no - не помогает.

 

 

 

self-test_KN-1010_stable_4.00.C.7.0-0_router_2024-01-31T23-00-16.976Z.txt

Link to comment
Share on other sites

20 answers to this question

Recommended Posts

  • 0
Alexandre Bougakov Member

Alexandre Bougakov

Posted
  • Author
Posted

Нашёл в загашнике USB-0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter.

Та же фигня: 

nmcli device status
DEVICE           TYPE      STATE         CONNECTION         
eth0             ethernet  connected     Wired connection 1 
wlan0            wifi      disconnected  --                 
wlx000f02389210  wifi      disconnected  --                 
lo               loopback  unmanaged     --                 
root@orangepizero:~# nmcli --ask dev wifi con "kv405 2.4GHz" ifname wlx000f02389210
Password: ••••••••••
Error: Connection activation failed: (7) Secrets were required, but not provided.

в логе похожее: 

Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6218] keyfile: add connection /run/NetworkManager/system-connections/kv405 2.4GHz 1.nmconnection (f7b8a023-f41c-4fb2-bc87-a14249903bf0,"kv405 2.4GHz 1")
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6416] device (wlx000f02389210): Activation: starting connection 'kv405 2.4GHz 1' (f7b8a023-f41c-4fb2-bc87-a14249903bf0)
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6640] settings-connection[0x1581860,f7b8a023-f41c-4fb2-bc87-a14249903bf0]: write: successfully commited (keyfile: update /etc/NetworkManager/system-connections/kv405 2.
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6652] audit: op="connection-add-activate" uuid="f7b8a023-f41c-4fb2-bc87-a14249903bf0" name="kv405 2.4GHz 1" pid=1516 uid=0 result="success"
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.7067] device (wlx000f02389210): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.7131] device (wlx000f02389210): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.7217] device (wlx000f02389210): new IWD device state is connecting
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: authenticate with 52:ff:20:50:59:fa
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: send auth to 52:ff:20:50:59:fa (try 1/3)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: send auth to 52:ff:20:50:59:fa (try 2/3)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: authenticated
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: associate with 52:ff:20:50:59:fa (try 1/3)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: RX AssocResp from 52:ff:20:50:59:fa (capab=0x1011 status=0 aid=7)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: associated
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: Limiting TX power to 20 (20 - 0) dBm as advertised by 52:ff:20:50:59:fa
Jan 31 23:23:41 orangepizero iwd[571]: 4-Way handshake failed for ifindex: 4, reason: 15
Jan 31 23:23:41 orangepizero kernel: wlx000f02389210: deauthenticating from 52:ff:20:50:59:fa by local choice (Reason: 15=4WAY_HANDSHAKE_TIMEOUT)
Jan 31 23:23:41 orangepizero NetworkManager[596]: <error> [1706732621.8671] device (wlx000f02389210): Activation: (wifi) Network.Connect failed: GDBus.Error:net.connman.iwd.Failed: Operation failed
Jan 31 23:23:41 orangepizero NetworkManager[596]: <info>  [1706732621.8728] device (wlx000f02389210): new IWD device state is disconnected
Jan 31 23:23:41 orangepizero NetworkManager[596]: <info>  [1706732621.8751] device (wlx000f02389210): state change: config -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Jan 31 23:23:41 orangepizero NetworkManager[596]: <warn>  [1706732621.8847] device (wlx000f02389210): Activation: failed for connection 'kv405 2.4GHz 1'
Jan 31 23:23:41 orangepizero polkitd(authority=local)[1122]: Unregistered Authentication Agent for unix-process:1516:26872 (system bus name :1.17, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnec
Jan 31 23:23:41 orangepizero NetworkManager[596]: <info>  [1706732621.9452] device (wlx000f02389210): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')

 

Link to comment
Share on other sites
  • 0
Илья Картавенко Honored Flooder

Илья Картавенко

Posted
Posted
1 минуту назад, Alexandre Bougakov сказал:

Нашёл в загашнике USB-0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter.

Та же фигня: 

nmcli device status
DEVICE           TYPE      STATE         CONNECTION         
eth0             ethernet  connected     Wired connection 1 
wlan0            wifi      disconnected  --                 
wlx000f02389210  wifi      disconnected  --                 
lo               loopback  unmanaged     --                 
root@orangepizero:~# nmcli --ask dev wifi con "kv405 2.4GHz" ifname wlx000f02389210
Password: ••••••••••
Error: Connection activation failed: (7) Secrets were required, but not provided.

в логе похожее: 

Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6218] keyfile: add connection /run/NetworkManager/system-connections/kv405 2.4GHz 1.nmconnection (f7b8a023-f41c-4fb2-bc87-a14249903bf0,"kv405 2.4GHz 1")
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6416] device (wlx000f02389210): Activation: starting connection 'kv405 2.4GHz 1' (f7b8a023-f41c-4fb2-bc87-a14249903bf0)
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6640] settings-connection[0x1581860,f7b8a023-f41c-4fb2-bc87-a14249903bf0]: write: successfully commited (keyfile: update /etc/NetworkManager/system-connections/kv405 2.
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.6652] audit: op="connection-add-activate" uuid="f7b8a023-f41c-4fb2-bc87-a14249903bf0" name="kv405 2.4GHz 1" pid=1516 uid=0 result="success"
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.7067] device (wlx000f02389210): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.7131] device (wlx000f02389210): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
Jan 31 23:23:36 orangepizero NetworkManager[596]: <info>  [1706732616.7217] device (wlx000f02389210): new IWD device state is connecting
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: authenticate with 52:ff:20:50:59:fa
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: send auth to 52:ff:20:50:59:fa (try 1/3)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: send auth to 52:ff:20:50:59:fa (try 2/3)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: authenticated
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: associate with 52:ff:20:50:59:fa (try 1/3)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: RX AssocResp from 52:ff:20:50:59:fa (capab=0x1011 status=0 aid=7)
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: associated
Jan 31 23:23:36 orangepizero kernel: wlx000f02389210: Limiting TX power to 20 (20 - 0) dBm as advertised by 52:ff:20:50:59:fa
Jan 31 23:23:41 orangepizero iwd[571]: 4-Way handshake failed for ifindex: 4, reason: 15
Jan 31 23:23:41 orangepizero kernel: wlx000f02389210: deauthenticating from 52:ff:20:50:59:fa by local choice (Reason: 15=4WAY_HANDSHAKE_TIMEOUT)
Jan 31 23:23:41 orangepizero NetworkManager[596]: <error> [1706732621.8671] device (wlx000f02389210): Activation: (wifi) Network.Connect failed: GDBus.Error:net.connman.iwd.Failed: Operation failed
Jan 31 23:23:41 orangepizero NetworkManager[596]: <info>  [1706732621.8728] device (wlx000f02389210): new IWD device state is disconnected
Jan 31 23:23:41 orangepizero NetworkManager[596]: <info>  [1706732621.8751] device (wlx000f02389210): state change: config -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Jan 31 23:23:41 orangepizero NetworkManager[596]: <warn>  [1706732621.8847] device (wlx000f02389210): Activation: failed for connection 'kv405 2.4GHz 1'
Jan 31 23:23:41 orangepizero polkitd(authority=local)[1122]: Unregistered Authentication Agent for unix-process:1516:26872 (system bus name :1.17, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnec
Jan 31 23:23:41 orangepizero NetworkManager[596]: <info>  [1706732621.9452] device (wlx000f02389210): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')

 

Пробовали ли вы фиксировать канал на роутере? например для 2.4 - 1, для 5 - 36.

 

Link to comment
Share on other sites
  • 0
Илья Картавенко Honored Flooder

Илья Картавенко

Posted
Posted
Только что, Alexandre Bougakov сказал:

Да, обычно у меня выбран канал 1, выбирал и 6, и 11 - не помогает. Глушить 5Ггц - не помогает. Менять режимы b/g/n не помогает.

Странно. А там что что то типа debian?

Link to comment
Share on other sites
  • 0
Alexandre Bougakov Member

Alexandre Bougakov

Posted
  • Author
Posted

Продолжаю копать. Заметил, что BSSID Кинетика отличается на одну цифру - настоящий это 50:ff:20:50:59:fa, а в логах на клиенте первые цифры "52". Также бросается в глаза "Unknown" в Authentication suites. 

# iw dev wlan0 scan

BSS 52:ff:20:50:59:fa(on wlan0)
	TSF: 49667392996 usec (0d, 13:47:47)
	freq: 2437
	beacon interval: 100 TUs
	capability: ESS Privacy RadioMeasure (0x1011)
	signal: -54.00 dBm
	last seen: 13632 ms ago
	Information elements from Probe Response frame:
	SSID: kv405 2.4GHz
	Supported rates: 6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 
	DS Parameter set: channel 6
	HT capabilities:
		Capabilities: 0x9ad
			RX LDPC
			HT20
			SM Power Save disabled
			RX HT20 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 7935 bytes
			No DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 4 usec (0x05)
		HT RX MCS rate indexes supported: 0-15, 32
		HT TX MCS rate indexes are undefined
	HT operation:
		 * primary channel: 6
		 * secondary channel offset: no secondary
		 * STA channel width: 20 MHz
		 * RIFS: 0
		 * HT protection: no
		 * non-GF present: 1
		 * OBSS non-GF present: 0
		 * dual beacon: 0
		 * dual CTS protection: 0
		 * STBC beacon: 0
		 * L-SIG TXOP Prot: 0
		 * PCO active: 0
		 * PCO phase: 0
	RSN:	 * Version: 1
		 * Group cipher: CCMP
		 * Pairwise ciphers: CCMP
		 * Authentication suites: PSK FT/PSK
		 * Capabilities: 1-PTKSA-RC 1-GTKSA-RC (0x0000)
	Extended capabilities:
		 * BSS Transition
		 * Max Number Of MSDUs In A-MSDU is unlimited
	BSS Load:
		 * station count: 5
		 * channel utilisation: 0/255
		 * available admission capacity: 31250 [*32us]
	WMM:	 * Parameter version 1
		 * BE: CW 15-1023, AIFSN 3
		 * BK: CW 15-1023, AIFSN 7
		 * VI: CW 7-15, AIFSN 2, TXOP 3008 usec
		 * VO: CW 3-7, AIFSN 2, TXOP 1504 usec
	Power constraint: 3 dB
	TPC report: TX power: 26 dBm
	Country: RU	Environment: Indoor/Outdoor
		Channels [1 - 13] @ 20 dBm
	VHT capabilities:
		VHT Capabilities (0x33c001b1):
			Max MPDU length: 7991
			Supported Channel Width: neither 160 nor 80+80
			RX LDPC
			short GI (80 MHz)
			TX STBC
			+HTC-VHT
			RX antenna pattern consistency
			TX antenna pattern consistency
		VHT RX MCS set:
			1 streams: MCS 0-8
			2 streams: MCS 0-8
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT RX highest supported: 156 Mbps
		VHT TX MCS set:
			1 streams: MCS 0-8
			2 streams: MCS 0-8
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT TX highest supported: 156 Mbps
	VHT operation:
		 * channel width: 0 (20 or 40 MHz)
		 * center freq segment 1: 6
		 * center freq segment 2: 0
		 * VHT basic MCS set: 0xfff5

альтернативно  

# iwlist scanning

          Cell 09 - Address: 52:FF:20:50:59:FA
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=56/70  Signal level=-54 dBm  
                    Encryption key:on
                    ESSID:"kv405 2.4GHz"
                    Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
                              36 Mb/s; 48 Mb/s; 54 Mb/s
                    Mode:Master
                    Extra:tsf=0000000bb481c9e8
                    Extra: Last beacon: 560ms ago
                    IE: Unknown: 000C6B7634303520322E3447487A
                    IE: Unknown: 01088C129824B048606C
                    IE: Unknown: 030106
                    IE: Unknown: 2D1AAD0917FFFF000001000000000000000000000000000000000000
                    IE: Unknown: 3D1606000400000000000000000000000000000000000000
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (2) : PSK unknown (4)
                    IE: Unknown: 7F080000080000000000
                    IE: Unknown: 0B05060000127A
                    IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00
                    IE: Unknown: 46050200010000
                    IE: Unknown: 330E040102030405060708090A0B0C0D
                    IE: Unknown: 200103
                    IE: Unknown: 23021A00
                    IE: Unknown: 0706525520010D14
                    IE: Unknown: BF0CB101C033F5FF9C00F5FF9C20
                    IE: Unknown: C005000600F5FF
                    IE: Unknown: 3603784400
                    IE: Unknown: DD21000CE708000000BF0CB101C0332AFF92042AFF9204C0050000002AFFC303010202

 

 

Link to comment
Share on other sites
  • 0
Илья Картавенко Honored Flooder

Илья Картавенко

Posted
Posted
10 минут назад, Alexandre Bougakov сказал:

Продолжаю копать. Заметил, что BSSID Кинетика отличается на одну цифру - настоящий это 50:ff:20:50:59:fa, а в логах на клиенте первые цифры "52". Также бросается в глаза "Unknown" в Authentication suites. 

# iw dev wlan0 scan

BSS 52:ff:20:50:59:fa(on wlan0)
	TSF: 49667392996 usec (0d, 13:47:47)
	freq: 2437
	beacon interval: 100 TUs
	capability: ESS Privacy RadioMeasure (0x1011)
	signal: -54.00 dBm
	last seen: 13632 ms ago
	Information elements from Probe Response frame:
	SSID: kv405 2.4GHz
	Supported rates: 6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 
	DS Parameter set: channel 6
	HT capabilities:
		Capabilities: 0x9ad
			RX LDPC
			HT20
			SM Power Save disabled
			RX HT20 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 7935 bytes
			No DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 4 usec (0x05)
		HT RX MCS rate indexes supported: 0-15, 32
		HT TX MCS rate indexes are undefined
	HT operation:
		 * primary channel: 6
		 * secondary channel offset: no secondary
		 * STA channel width: 20 MHz
		 * RIFS: 0
		 * HT protection: no
		 * non-GF present: 1
		 * OBSS non-GF present: 0
		 * dual beacon: 0
		 * dual CTS protection: 0
		 * STBC beacon: 0
		 * L-SIG TXOP Prot: 0
		 * PCO active: 0
		 * PCO phase: 0
	RSN:	 * Version: 1
		 * Group cipher: CCMP
		 * Pairwise ciphers: CCMP
		 * Authentication suites: PSK FT/PSK
		 * Capabilities: 1-PTKSA-RC 1-GTKSA-RC (0x0000)
	Extended capabilities:
		 * BSS Transition
		 * Max Number Of MSDUs In A-MSDU is unlimited
	BSS Load:
		 * station count: 5
		 * channel utilisation: 0/255
		 * available admission capacity: 31250 [*32us]
	WMM:	 * Parameter version 1
		 * BE: CW 15-1023, AIFSN 3
		 * BK: CW 15-1023, AIFSN 7
		 * VI: CW 7-15, AIFSN 2, TXOP 3008 usec
		 * VO: CW 3-7, AIFSN 2, TXOP 1504 usec
	Power constraint: 3 dB
	TPC report: TX power: 26 dBm
	Country: RU	Environment: Indoor/Outdoor
		Channels [1 - 13] @ 20 dBm
	VHT capabilities:
		VHT Capabilities (0x33c001b1):
			Max MPDU length: 7991
			Supported Channel Width: neither 160 nor 80+80
			RX LDPC
			short GI (80 MHz)
			TX STBC
			+HTC-VHT
			RX antenna pattern consistency
			TX antenna pattern consistency
		VHT RX MCS set:
			1 streams: MCS 0-8
			2 streams: MCS 0-8
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT RX highest supported: 156 Mbps
		VHT TX MCS set:
			1 streams: MCS 0-8
			2 streams: MCS 0-8
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT TX highest supported: 156 Mbps
	VHT operation:
		 * channel width: 0 (20 or 40 MHz)
		 * center freq segment 1: 6
		 * center freq segment 2: 0
		 * VHT basic MCS set: 0xfff5

альтернативно  

# iwlist scanning

          Cell 09 - Address: 52:FF:20:50:59:FA
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=56/70  Signal level=-54 dBm  
                    Encryption key:on
                    ESSID:"kv405 2.4GHz"
                    Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
                              36 Mb/s; 48 Mb/s; 54 Mb/s
                    Mode:Master
                    Extra:tsf=0000000bb481c9e8
                    Extra: Last beacon: 560ms ago
                    IE: Unknown: 000C6B7634303520322E3447487A
                    IE: Unknown: 01088C129824B048606C
                    IE: Unknown: 030106
                    IE: Unknown: 2D1AAD0917FFFF000001000000000000000000000000000000000000
                    IE: Unknown: 3D1606000400000000000000000000000000000000000000
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (2) : PSK unknown (4)
                    IE: Unknown: 7F080000080000000000
                    IE: Unknown: 0B05060000127A
                    IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00
                    IE: Unknown: 46050200010000
                    IE: Unknown: 330E040102030405060708090A0B0C0D
                    IE: Unknown: 200103
                    IE: Unknown: 23021A00
                    IE: Unknown: 0706525520010D14
                    IE: Unknown: BF0CB101C033F5FF9C00F5FF9C20
                    IE: Unknown: C005000600F5FF
                    IE: Unknown: 3603784400
                    IE: Unknown: DD21000CE708000000BF0CB101C0332AFF92042AFF9204C0050000002AFFC303010202

 

 

Так и должно быть. Сейчас у себя проверил, точно так же отличается на одну цыфру

Link to comment
Share on other sites
  • 0
Илья Картавенко Honored Flooder

Илья Картавенко

Posted
Posted

Ощущение, что не поддерживается какой то вид шифрования, попробуйте поменять защиту сети с wpa2 на какой-то другой.

У меня на компьютере и ноуте линукс, все прекрасно работает.

Link to comment
Share on other sites
  • 0
Alexandre Bougakov Member

Alexandre Bougakov

Posted
  • Author
Posted

Выключил Кинетик из розетки. Достал с антресолей дешманский роутер Netis, настроил на нём такую же WiFi сеть. Делаю `iwlist scanning` - вместо странного `Authentication Suites (2) : PSK unknown (4)` вижу корректное `PSK`: 

          Cell 06 - Address: 04:5E:A4:57:D2:EB
                    Channel:9
                    Frequency:2.452 GHz (Channel 9)
                    Quality=70/70  Signal level=-19 dBm  
                    Encryption key:on
                    ESSID:"kv405 2.4GHz"
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                              9 Mb/s; 12 Mb/s; 18 Mb/s
                    Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s
                    Mode:Master
                    Extra:tsf=0000000007fde465
                    Extra: Last beacon: 452ms ago
                    IE: Unknown: 000C6B7634303520322E3447487A
                    IE: Unknown: 010882848B960C121824
                    IE: Unknown: 030109
                    IE: Unknown: 2A0100
                    IE: Unknown: 32043048606C
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK
                    IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00
                    IE: Unknown: DD0600E04C020160
                    IE: Unknown: 7F080000000000000000

Успешно подключаюсь: 

root@orangepizero:~# nmcli --ask dev wifi con "kv405 2.4GHz"
Password: ••••••••••
Device 'wlan0' successfully activated with 'dea5c03c-9f08-43b6-818f-108701e00e2c'.

root@orangepizero:~# nmcli -f in-use,ssid,bssid,signal,bars  dev wifi
IN-USE  SSID            BSSID              SIGNAL  BARS 
*       kv405 2.4GHz    00:01:02:00:00:00  100     ▂▄▆█ 
        MTS_GPON_EEBC   00:01:02:00:00:01  57      ▂▄▆_ 
        MGTS_GPON_C7CF  00:01:02:00:00:04  52      ▂▄__ 
		
root@orangepizero:~# nmcli dev status
DEVICE  TYPE      STATE      CONNECTION         
eth0    ethernet  connected  Wired connection 1 
wlan0   wifi      connected  kv405 2.4GHz       
lo      loopback  unmanaged  --         

root@orangepizero:~# cd /etc/NetworkManager/system-connections
root@orangepizero:/etc/NetworkManager/system-connections# ls -la
total 12
drwxr-xr-x 2 root root 4096 Feb  1 12:25  .
drwxr-xr-x 7 root root 4096 Jan 31 22:49  ..
-rw------- 1 root root  319 Feb  1 12:25 'kv405 2.4GHz.nmconnection'

root@orangepizero:/etc/NetworkManager/system-connections# cat kv405\ 2.4GHz.nmconnection 
[connection]
id=kv405 2.4GHz
uuid=dea5c03c-9f08-43b6-818f-108701e00e2c
type=wifi
permissions=

[wifi]
mac-address-blacklist=
mode=infrastructure
ssid=kv405 2.4GHz

[wifi-security]
auth-alg=open
key-mgmt=wpa-psk
psk=redacted

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

Хмыкаю, выдёргиваю дешманский роутер из розетки, включаю обратно Кинетик: 

# nmcli con up dea5c03c-9f08-43b6-818f-108701e00e2c
Error: Connection activation failed: Secrets were required, but not provided

В логе снова до боли знакомое про 4-way handshake: 

Feb 01 12:48:56 orangepizero nm-dispatcher[1630]: req:1 'down' [wlan0]: start running ordered scripts...
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:57 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:57 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:59 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:59 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:49:01 orangepizero iwd[563]: 4-Way handshake failed for ifindex: 3, reason: 15
Feb 01 12:49:01 orangepizero kernel: wlan0: deauthenticating from 52:ff:20:50:59:fa by local choice (Reason: 15=4WAY_HANDSHAKE_TIMEOUT)
Feb 01 12:49:01 orangepizero kernel: xradio WSM-WRN: Issue unjoin command(TX).
Feb 01 12:49:01 orangepizero NetworkManager[608]: <error> [1706780941.2391] device (wlan0): Activation: (wifi) Network.Connect failed: GDBus.Error:net.connman.iwd.Failed: Operation failed
Feb 01 12:49:01 orangepizero NetworkManager[608]: <info>  [1706780941.2447] device (wlan0): new IWD device state is disconnected
Feb 01 12:49:01 orangepizero NetworkManager[608]: <info>  [1706780941.2463] device (wlan0): state change: config -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Feb 01 12:49:01 orangepizero NetworkManager[608]: <warn>  [1706780941.2558] device (wlan0): Activation: failed for connection 'kv405 2.4GHz'
Feb 01 12:49:01 orangepizero NetworkManager[608]: <info>  [1706780941.2620] device (wlan0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')

 

Link to comment
Share on other sites
  • 0
Илья Картавенко Honored Flooder

Илья Картавенко

Posted
Posted
2 минуты назад, Alexandre Bougakov сказал:

Выключил Кинетик из розетки. Достал с антресолей дешманский роутер Netis, настроил на нём такую же WiFi сеть. Делаю `iwlist scanning` - вместо странного `Authentication Suites (2) : PSK unknown (4)` вижу корректное `PSK`: 

          Cell 06 - Address: 04:5E:A4:57:D2:EB
                    Channel:9
                    Frequency:2.452 GHz (Channel 9)
                    Quality=70/70  Signal level=-19 dBm  
                    Encryption key:on
                    ESSID:"kv405 2.4GHz"
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                              9 Mb/s; 12 Mb/s; 18 Mb/s
                    Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s
                    Mode:Master
                    Extra:tsf=0000000007fde465
                    Extra: Last beacon: 452ms ago
                    IE: Unknown: 000C6B7634303520322E3447487A
                    IE: Unknown: 010882848B960C121824
                    IE: Unknown: 030109
                    IE: Unknown: 2A0100
                    IE: Unknown: 32043048606C
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK
                    IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00
                    IE: Unknown: DD0600E04C020160
                    IE: Unknown: 7F080000000000000000

Успешно подключаюсь: 

root@orangepizero:~# nmcli --ask dev wifi con "kv405 2.4GHz"
Password: ••••••••••
Device 'wlan0' successfully activated with 'dea5c03c-9f08-43b6-818f-108701e00e2c'.

root@orangepizero:~# nmcli -f in-use,ssid,bssid,signal,bars  dev wifi
IN-USE  SSID            BSSID              SIGNAL  BARS 
*       kv405 2.4GHz    00:01:02:00:00:00  100     ▂▄▆█ 
        MTS_GPON_EEBC   00:01:02:00:00:01  57      ▂▄▆_ 
        MGTS_GPON_C7CF  00:01:02:00:00:04  52      ▂▄__ 
		
root@orangepizero:~# nmcli dev status
DEVICE  TYPE      STATE      CONNECTION         
eth0    ethernet  connected  Wired connection 1 
wlan0   wifi      connected  kv405 2.4GHz       
lo      loopback  unmanaged  --         

root@orangepizero:~# cd /etc/NetworkManager/system-connections
root@orangepizero:/etc/NetworkManager/system-connections# ls -la
total 12
drwxr-xr-x 2 root root 4096 Feb  1 12:25  .
drwxr-xr-x 7 root root 4096 Jan 31 22:49  ..
-rw------- 1 root root  319 Feb  1 12:25 'kv405 2.4GHz.nmconnection'

root@orangepizero:/etc/NetworkManager/system-connections# cat kv405\ 2.4GHz.nmconnection 
[connection]
id=kv405 2.4GHz
uuid=dea5c03c-9f08-43b6-818f-108701e00e2c
type=wifi
permissions=

[wifi]
mac-address-blacklist=
mode=infrastructure
ssid=kv405 2.4GHz

[wifi-security]
auth-alg=open
key-mgmt=wpa-psk
psk=redacted

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

Хмыкаю, выдёргиваю дешманский роутер из розетки, включаю обратно Кинетик: 

# nmcli con up dea5c03c-9f08-43b6-818f-108701e00e2c
Error: Connection activation failed: Secrets were required, but not provided

В логе снова до боли знакомое про 4-way handshake: 

Feb 01 12:48:56 orangepizero nm-dispatcher[1630]: req:1 'down' [wlan0]: start running ordered scripts...
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:56 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:57 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:57 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:48:59 orangepizero kernel: xradio TXRX-WRN: received frame has no key status
Feb 01 12:48:59 orangepizero kernel: xradio TXRX-WRN: dropped received frame
Feb 01 12:49:01 orangepizero iwd[563]: 4-Way handshake failed for ifindex: 3, reason: 15
Feb 01 12:49:01 orangepizero kernel: wlan0: deauthenticating from 52:ff:20:50:59:fa by local choice (Reason: 15=4WAY_HANDSHAKE_TIMEOUT)
Feb 01 12:49:01 orangepizero kernel: xradio WSM-WRN: Issue unjoin command(TX).
Feb 01 12:49:01 orangepizero NetworkManager[608]: <error> [1706780941.2391] device (wlan0): Activation: (wifi) Network.Connect failed: GDBus.Error:net.connman.iwd.Failed: Operation failed
Feb 01 12:49:01 orangepizero NetworkManager[608]: <info>  [1706780941.2447] device (wlan0): new IWD device state is disconnected
Feb 01 12:49:01 orangepizero NetworkManager[608]: <info>  [1706780941.2463] device (wlan0): state change: config -> failed (reason 'no-secrets', sys-iface-state: 'managed')
Feb 01 12:49:01 orangepizero NetworkManager[608]: <warn>  [1706780941.2558] device (wlan0): Activation: failed for connection 'kv405 2.4GHz'
Feb 01 12:49:01 orangepizero NetworkManager[608]: <info>  [1706780941.2620] device (wlan0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')

 

Что и говорит о том, что не поддерживается какой то протокол или вид шифрования. в нетисе все проще устроено, потому и подключение проходит. Другие то устройства у вас к кинетику нормально подключаются?

Link to comment
Share on other sites
  • 0
Alexandre Bougakov Member

Alexandre Bougakov

Posted
  • Author
Posted
6 minutes ago, Илья Картавенко said:

Что и говорит о том, что не поддерживается какой то протокол или вид шифрования. в нетисе все проще устроено, потому и подключение проходит. Другие то устройства у вас к кинетику нормально подключаются?

Да, устройства на iOS 17 и iPadOS 17 нормально, были странности с MacOS Sonoma, но решились удалением сети и перенастройкой на Кинетике.

Чтение в интернетах намекает на эту проблему - https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267 - похоже что из OpenSSL выпилили TLS 1.1 и это приводит к сбоям. В качестве решения предлагается в конфигах OpenSSL вписать: 

[system_default_sect]
Options = UnsafeLegacyRenegotiation
CipherString = DEFAULT@SECLEVEL=1

Но засада в том, что это для wpa_supplicant, а не для моего iwd, про который написано что "iwd does not use OpenSSL or any other userspace cryptographic library. "

В связи с этим вопрос. Как заставить Кинетик быть более толерантным к ciphers на клиенте?

Link to comment
Share on other sites
  • 0
Alexandre Bougakov Member

Alexandre Bougakov

Posted
  • Author
Posted
18 minutes ago, Илья Картавенко said:

Надо как то обновить.

А если бы у меня был, простигосподи, умный WiFi холодильник с этой версией Ubuntu, прошитой намертво, мне что - надо было бы его выкинуть и купить новый ради совместимости с Кинетиком? Может наоборот производитель озаботится поддержкой всех ciphers со своей стороны?

Link to comment
Share on other sites
  • 0
Илья Картавенко Honored Flooder

Илья Картавенко

Posted
Posted
1 минуту назад, Alexandre Bougakov сказал:

А если бы у меня был, простигосподи, умный WiFi холодильник с этой версией Ubuntu, прошитой намертво, мне что - надо было бы его выкинуть и купить новый ради совместимости с Кинетиком? Может наоборот производитель озаботится поддержкой всех ciphers со своей стороны?

Ни один производитель не может тянуть все возможные ciphers, тем более устаревшие. Это проблем не роутера это проблема клиента, который поддерживает не все, что прописано в стандарте. На холодильниках прошивка тоже обновляется. 

Link to comment
Share on other sites
  • 0
Alexandre Bougakov Member

Alexandre Bougakov

Posted
  • Author
Posted
17 hours ago, Migel said:

Все что касается Mesh на кинетике выключили?

Было выключено, но компонент не был удалён. Попробую. К сожалению, я полез обновлять ядро Linix на клиенте, как советовал товарищ выше и всё предсказуемо пошло в... ну, в общем, в тот орган тела, в который обычно идут дела, когда ты нарушаешь великий принцип "работает, не трогай".

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...