Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#57413 - [wpa_supplicant] Enable CONFIG_SAE
Attached to Project:
Arch Linux
Opened by Benjamin Richter (Waldteufel) - Wednesday, 07 February 2018, 13:02 GMT
Last edited by Jan Alexander Steffens (heftig) - Wednesday, 22 January 2020, 23:00 GMT
Opened by Benjamin Richter (Waldteufel) - Wednesday, 07 February 2018, 13:02 GMT
Last edited by Jan Alexander Steffens (heftig) - Wednesday, 22 January 2020, 23:00 GMT
|
DetailsSimultaneous Authentication of Equals (SAE) is a Diffie-Hellman based key establishment protocol. It is part of the 802.11s standard for mesh networking, but can also be used in AP mode. Like WPA-PSK it works with a pre-shared password, but in contrast to WPA-PSK it protects against dictionary attacks (c.f. <http://www.willhackforsushi.com/?page_id=50>).
Due to this security benefit, I suggest enabling the CONFIG_SAE build option. |
This task depends upon
Closed by Jan Alexander Steffens (heftig)
Wednesday, 22 January 2020, 23:00 GMT
Reason for closing: Fixed
Additional comments about closing: wpa_supplicant 2:2.9-4
Wednesday, 22 January 2020, 23:00 GMT
Reason for closing: Fixed
Additional comments about closing: wpa_supplicant 2:2.9-4
Comment by Benjamin Richter (Waldteufel) -
Wednesday, 07 February 2018, 13:11 GMT
Sorry, should clarify this: it protects against _offline_ dictionary attacks
Comment by Benjamin Richter (Waldteufel) -
Tuesday, 11 December 2018, 14:29 GMT
- Field changed: Percent Complete (100% → 0%)
I'm a bit confused now - even though you closed this with "fixed", the option is not enabled in the wpa_supplicant packages.
Comment by Sergej Pupykin (sergej) -
Sunday, 21 July 2019, 23:41 GMT
I suggest to add CONFIG_MESH=y too to support 802.11s.
Comment by Bjoern Franke (bjo) -
Friday, 22 November 2019, 20:43 GMT
Popular FritzBoxes support WPA3 now in their Beta-firmware, but as I tried to use it: invalid key_mgmt 'SAE'. Any reason why this option is still disabled?
Comment by Jan Alexander Steffens (heftig) -
Wednesday, 22 January 2020, 17:31 GMT
I have a wpa_supplicant build copying a bunch of CONFIG enables from Ubuntu and Fedora; pending tests.