Authentifizierungsproblem mit wpa_supplicant und Intel 3945

sasch00 · 24 Nov. 2006

Hallo!
Ich hab ein Dell Inspiron 9400 und ich versuche verzweifelt den wpa_supplicant zu konfigurieren.

Ich nutze Suse 10.1.

mit WEP funktioniert die Verbindung einwandfrei, mit wpa allerdings nicht.

Ich hoffe ihr könnt mir helfen, vielen Dank dafür schonmal im Voraus:

iwconfig gibt folgendes aus:
lo no wireless extensions.

eth0 no wireless extensions.

eth1 IEEE 802.11g ESSID:"802.1X"
Mode:Managed Frequency:2.442 GHz Access Point: 00:12

9:42:8F:A0
Bit Rate:54 Mb/s Tx-Power:15 dBm
Retry limit:15 RTS thr

ff Fragment thr

ff
Encryption key:1E4C-859E-A50B-C787-014A-4BE1-76 [4] Security mode

pen
Power Management

ff
Link Quality=94/100 Signal level=-36 dBm Noise level=-37 dBm
Rx invalid nwid:0 Rx invalid crypt:10 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:720 Missed beacon:0

sit0 no wireless extensions

wenn ich wpa_supplicant -Dwext -ieth1 -c/etc/wpa_supplicant.conf -d ausführe erhalte ich folgende Meldung:

Initializing interface 'eth1' conf '/etc/wpa_supplicant.conf' driver 'wext' ctrl_interface 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
Priority group 0
id=0 ssid='802.1X'
Initializing interface (2) 'eth1'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
SIOCGIWRANGE: WE(compiled)=19 WE(source)=16 enc_capa=0x0
capabilities: key_mgmt 0x0 enc 0x3
Own MAC address: 00:18:de:9c:9e:17
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
Added interface eth1
Wireless event: cmd=0x8b06 len=12
State: DISCONNECTED -> SCANNING
Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=6):
38 30 32 2e 31 58 802.1X
Scan timeout - try to get results
Received 1223 bytes of scan results (5 BSSes)
Scan results: 5
Selecting BSS from priority group 0
0: 00:12:d9:42:8f:a0 ssid='802.1X' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
1: 00:12:d9:42:99:60 ssid='802.1X' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
2: 00:12:d9:42:a8:20 ssid='802.1X' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
3: 00:12:d9:4a:1f:00 ssid='802.1X' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
4: 00:13:7f:53:34:c0 ssid='802.1X' wpa_ie_len=0 rsn_ie_len=0 caps=0x11
skip - no WPA/RSN IE
selected non-WPA AP 00:12:d9:42:8f:a0 ssid='802.1X'
Trying to associate with 00:12:d9:42:8f:a0 (SSID='802.1X' freq=0 MHz)
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
WPA: clearing AP WPA IE
WPA: clearing AP RSN IE
WPA: clearing own WPA/RSN IE
No keys have been configured - skip key clearing
wpa_driver_wext_set_drop_unencrypted
State: SCANNING -> ASSOCIATING
wpa_driver_wext_associate
Setting authentication timeout: 10 sec 0 usec
EAPOL: External notification - portControl=Auto
Wireless event: cmd=0x8b06 len=12
Wireless event: cmd=0x8b1a len=23
RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added
Wireless event: cmd=0x8b15 len=24
Wireless event: new AP: 00:12:d9:42:8f:a0
State: ASSOCIATING -> ASSOCIATED
Associated to a new BSS: BSSID=00:12:d9:42:8f:a0
No keys have been configured - skip key clearing
Associated with 00:12:d9:42:8f:a0
WPA: Association event - clear replay counter
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RX EAPOL from 00:12:d9:42:8f:a0
Setting authentication timeout: 70 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=1
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=46):
00 6e 65 74 77 6f 72 6b 69 64 3d 38 30 32 2e 31 _networkid=802.1
58 2c 6e 61 73 69 64 3d 47 52 45 30 33 2d 32 36 X,nasid=GRE03-26
32 2d 31 33 38 2c 70 6f 72 74 69 64 3d 30 2-138,portid=0
EAP: using real identity - hexdump_ascii(len=34):
73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 sascha.petersen@
73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e student.fh-kiel.
64 65 de
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=2
EAP: EAP entering state GET_METHOD
EAP: initialize selected EAP method (21, TTLS)
EAP-TTLS: Phase2 type: EAP
EAP-TTLS: Phase2 EAP types - hexdump(len=7): 04 1a 06 05 11 ff 2e
TLS: Trusted root certificate(s) loaded
CTRL-EVENT-EAP-METHOD EAP method 21 (TTLS) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TTLS: Start
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before/connect initialization
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client hello A
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read server hello A
SSL: SSL_connect - want more data
SSL: 100 bytes pending from ssl_out
SSL: 100 bytes left to be sent out (of total 100 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=3
EAP: EAP entering state METHOD
SSL: Received packet(len=1034) - Flags 0xc0
SSL: TLS Message Length: 2038
SSL: Need 1014 bytes more input data
SSL: Building ACK
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=4
EAP: EAP entering state METHOD
SSL: Received packet(len=1024) - Flags 0x80
SSL: TLS Message Length: 2038
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server hello A
TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) depth=1 buf='/C=DE/ST=Schleswig-Holstein/L=Kiel/O=FH-Kiel/OU=NSC/CN=Client certificate/emailAddress=hostmaster@fh-kiel.de'
TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) depth=0 buf='/C=DE/ST=Schleswig-Holstein/L=Kiel/O=FH-Kiel/OU=NSC/CN=Root certificate/emailAddress=hostmaster@fh-kiel.de'
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server certificate A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server key exchange A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read server done A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write client key exchange A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write change cipher spec A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 write finished A
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 flush data
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3 read finished A
SSL: SSL_connect - want more data
SSL: 134 bytes pending from ssl_out
SSL: 134 bytes left to be sent out (of total 134 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=5
EAP: EAP entering state METHOD
SSL: Received packet(len=69) - Flags 0x80
SSL: TLS Message Length: 59
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3 read finished A
SSL: (where=0x20 ret=0x1)
SSL: (where=0x1002 ret=0x1)
SSL: 0 bytes pending from ssl_out
SSL: No data to be sent out
EAP-TTLS: TLS done, proceed to Phase 2
EAP-TTLS: Derived key - hexdump(len=64): [REMOVED]
EAP-TTLS: received 0 bytes encrypted data for Phase 2
EAP-TTLS: empty data in beginning of Phase 2 - use fake EAP-Request Identity
EAP-TTLS: Phase 2 EAP Request: type=1
EAP: using real identity - hexdump_ascii(len=34):
73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 sascha.petersen@
73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e student.fh-kiel.
64 65 de
EAP-TTLS: AVP encapsulate EAP Response - hexdump(len=39): 02 05 00 27 01 73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e 64 65
EAP-TTLS: Encrypting Phase 2 data - hexdump(len=48): [REMOVED]
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=6
EAP: EAP entering state METHOD
SSL: Received packet(len=148) - Flags 0x80
SSL: TLS Message Length: 138
EAP-TTLS: received 138 bytes encrypted data for Phase 2
EAP-TTLS: Decrypted Phase 2 AVPs - hexdump(len=68): 00 00 00 4f 40 00 00 44 01 06 00 3c 1a 01 06 00 37 10 3a 14 a7 76 cc 9b 6b 1c ce 26 30 c3 86 05 dc 90 73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e 64 65
EAP-TTLS: AVP: code=79 flags=0x40 length=68
EAP-TTLS: AVP data - hexdump(len=60): 01 06 00 3c 1a 01 06 00 37 10 3a 14 a7 76 cc 9b 6b 1c ce 26 30 c3 86 05 dc 90 73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e 64 65
EAP-TTLS: AVP - EAP Message
EAP-TTLS: Phase 2 EAP - hexdump(len=60): 01 06 00 3c 1a 01 06 00 37 10 3a 14 a7 76 cc 9b 6b 1c ce 26 30 c3 86 05 dc 90 73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e 64 65
EAP-TTLS: received Phase 2: code=1 identifier=6 length=60
EAP-TTLS: Phase 2 EAP Request: type=26
EAP-TTLS: Selected Phase 2 EAP method 26
EAP-MSCHAPV2: RX identifier 6 mschapv2_id 6
EAP-MSCHAPV2: Received challenge
EAP-MSCHAPV2: Authentication Servername - hexdump_ascii(len=34):
73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 sascha.petersen@
73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e student.fh-kiel.
64 65 de
EAP-MSCHAPV2: Generating Challenge Response
EAP-MSCHAPV2: auth_challenge - hexdump(len=16): 3a 14 a7 76 cc 9b 6b 1c ce 26 30 c3 86 05 dc 90
EAP-MSCHAPV2: peer_challenge - hexdump(len=16): 7f ea 6a d4 15 c3 b0 05 7c b5 80 ab f7 a7 cb f7
EAP-MSCHAPV2: username - hexdump_ascii(len=34):
73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 sascha.petersen@
73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e student.fh-kiel.
64 65 de
EAP-MSCHAPV2: password - hexdump_ascii(len=8): [REMOVED]
EAP-MSCHAPV2: response - hexdump(len=24): 2e 9a c2 42 d2 41 d6 3b ce ec c1 c7 7e 5a b0 69 84 cb 81 51 d8 10 9f df
EAP-MSCHAPV2: TX identifier 6 mschapv2_id 6 (response)
EAP-TTLS: AVP encapsulate EAP Response - hexdump(len=93): 02 06 00 5d 1a 02 06 00 58 31 7f ea 6a d4 15 c3 b0 05 7c b5 80 ab f7 a7 cb f7 00 00 00 00 00 00 00 00 2e 9a c2 42 d2 41 d6 3b ce ec c1 c7 7e 5a b0 69 84 cb 81 51 d8 10 9f df 00 73 61 73 63 68 61 2e 70 65 74 65 72 73 65 6e 40 73 74 75 64 65 6e 74 2e 66 68 2d 6b 69 65 6c 2e 64 65
EAP-TTLS: Encrypting Phase 2 data - hexdump(len=104): [REMOVED]
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=21 id=7
EAP: EAP entering state METHOD
SSL: Received packet(len=148) - Flags 0x80
SSL: TLS Message Length: 138
EAP-TTLS: received 138 bytes encrypted data for Phase 2
EAP-TTLS: Decrypted Phase 2 AVPs - hexdump(len=60): 00 00 00 4f 40 00 00 3b 01 07 00 33 1a 03 06 00 2e 53 3d 45 30 41 39 35 41 44 41 38 32 44 34 41 30 46 33 39 35 35 35 33 43 46 34 38 42 44 42 42 37 35 32 35 36 41 35 37 45 38 34 00
EAP-TTLS: AVP: code=79 flags=0x40 length=59
EAP-TTLS: AVP data - hexdump(len=51): 01 07 00 33 1a 03 06 00 2e 53 3d 45 30 41 39 35 41 44 41 38 32 44 34 41 30 46 33 39 35 35 35 33 43 46 34 38 42 44 42 42 37 35 32 35 36 41 35 37 45 38 34
EAP-TTLS: AVP - EAP Message
EAP-TTLS: Phase 2 EAP - hexdump(len=51): 01 07 00 33 1a 03 06 00 2e 53 3d 45 30 41 39 35 41 44 41 38 32 44 34 41 30 46 33 39 35 35 35 33 43 46 34 38 42 44 42 42 37 35 32 35 36 41 35 37 45 38 34
EAP-TTLS: received Phase 2: code=1 identifier=7 length=51
EAP-TTLS: Phase 2 EAP Request: type=26
EAP-MSCHAPV2: RX identifier 7 mschapv2_id 6
EAP-MSCHAPV2: Received success
EAP-MSCHAPV2: Success message - hexdump_ascii(len=0):
EAP-MSCHAPV2: Authentication succeeded
EAP-TTLS: AVP encapsulate EAP Response - hexdump(len=6): 02 07 00 06 1a 03
EAP-TTLS: Encrypting Phase 2 data - hexdump(len=16): [REMOVED]
EAP-TTLS: Authentication completed successfully
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=57 EAPOL-Key: type=1 key_length=13 key_index=0x1
EAPOL: EAPOL-Key key signature verified
EAPOL: Decrypted(RC4) key - hexdump(len=13): [REMOVED]
EAPOL: Setting dynamic WEP key: broadcast keyidx 1 len 13
wpa_driver_wext_set_key: alg=1 key_idx=1 set_tx=0 seq_len=0 key_len=13
RX EAPOL from 00:12:d9:42:8f:a0
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=44 EAPOL-Key: type=1 key_length=13 key_index=0x83
EAPOL: EAPOL-Key key signature verified
EAPOL: using part of EAP keying material data encryption key - hexdump(len=13): [REMOVED]
EAPOL: Setting dynamic WEP key: unicast keyidx 3 len 13
wpa_driver_wext_set_key: alg=1 key_idx=3 set_tx=128 seq_len=0 key_len=13
EAPOL: all required EAPOL-Key frames received
WPA: EAPOL processing complete
Cancelling authentication timeout
State: ASSOCIATED -> COMPLETED
CTRL-EVENT-CONNECTED - Connection to 00:12:d9:42:8f:a0 completed (auth)
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: startWhen --> 0
EAPOL: authWhile --> 0
EAPOL: idleWhile --> 0

Meine wpa_supplicant.conf Datei sieht folgendermaßen aus:
#ctrl_interface=/var/run/wpa_supplicant
#ctrl_interface_group=wheel

network={
ssid="802.1X"
scan_ssid=1
key_mgmt=IEEE8021X
eap=TTLS
identity="...@student.fh-kiel.de"
password=""
ca_cert="/etc/cert/fh-cacert.pem"
phase2="auth=MD5"
}

Gruß Sascha

Freecoffee · 24 Nov. 2006

Schon einmal YaST probiert?

sasch00 · 25 Nov. 2006

Ja, hab ich, auch schon mit dem NetworkManager der bricht aber allerdnigs nach ca. 30 sekunden bei 29 % ab.

Freecoffee · 25 Nov. 2006

Nicht NetworkManager. Nur mit YaST die traditionelle Methode mit ifup konfigurieren, WPA dort einrichten und dann starten.

sasch00 · 27 Nov. 2006

Hallo!
So hab das ganze nun nochmal mit ifup probiert, kommt leider auf das selbe ergebins hinaus. Er bekommt keine Verbindung

Authentifizierungsproblem mit wpa_supplicant und Intel 3945

sasch00

Freecoffee

sasch00

Freecoffee

sasch00