incorrect encryption detected when logging on to WPA ad-hoc wireless network

Bug #322902 reported by Per Ångström on 2009-01-29
320
This bug affects 13 people
Affects Status Importance Assigned to Milestone
network-manager (Ubuntu)
Medium
Unassigned
Nominated for Jaunty by Kev

Bug Description

Binary package hint: network-manager

How to reproduce:
1) In nm-applet, bring up the "Create New Wireless Network" dialog.
2) Specify a new network name and choose "WPA & WPA2 Personal" for security.
3) Specify a password and press Create.
4) On another computer, connect to the new ad-hoc network.

Expected behavior: the authentication dialog should prompt for a "WPA & WPA2 Personal" password.
Actual behavior: the authentication dialog prompts for a WEP key/passphrase. It is impossible to log on.

In my experience, the only security that works for an ad-hoc wireless network is WEP key/passphrase or no security, not WPA.

Kev (ukev) on 2009-08-03
Changed in network-manager (Ubuntu):
status: New → Confirmed
Kev (ukev) wrote :

I could reproduce this bug as described.

If you try to add the correct network with wpa to the network manager with the edit buttons and type adhoc, it won't work, too.

So it's actually impossible to create or join(?) a secure adhoc network with ubuntu because wep is not secure, you know.

I think it's a really dangerous situation...like a rope of sand.

komputes (komputes) wrote :

@Per @Kev - Can you please check that you have dnsmasq installed, by running the following command:
$ dpkg -l dnsmasq

This package is needed to be able to create Adhoc networks. The ability to share an internet connection is not built into the distribution. See the Documentation:
https://help.ubuntu.com/community/WifiDocs/Adhoc

There is also a Brainstorm request to have Adhoc networks work out of the box:
Idea #15663: Facilitate "Internet Sharing" within Network Manager
http://brainstorm.ubuntu.com/idea/15663/

Can both of you also run the following command to update the bug with apport logs:
$ apport-collect 322902

Changed in network-manager (Ubuntu):
status: Confirmed → Incomplete

Architecture: i386
DistroRelease: Ubuntu 9.04
Package: network-manager 0.7.1~rc4.1.cf199a964-0ubuntu2
PackageArchitecture: i386
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LANG=de_DE.UTF-8
Syslog: Error: command ['egrep', ' (NetworkManager|dhclient|kernel):', '/var/log/syslog'] failed with exit code 1:
Uname: Linux 2.6.28-15-generic i686
UserGroups: adm admin cdrom dialout libvirtd lpadmin plugdev sambashare vboxusers
WpaSupplicantLog:

Kev (ukev) wrote :

ok, I have dnsmasq not installed, but WEP does work. Why?

I will test with dnsmasq next week.

apport will follow today.

Kev (ukev) wrote :

hm interesting, apport-collect has finished with:

Error connecting to Launchpad: HTTP Error 500: Internal Server Error
You have to allow "Change anything" privileges.

but still has post my data. Another bug? Is apport-collect complete or do you need anything else?

Kev (ukev) on 2009-10-22
Changed in network-manager (Ubuntu):
status: Incomplete → New
Psy[H[] (vovik-wfa) wrote :

Confirming. I have to use WEP "protection" for my local ad-hoc network because of this bug.

komputes, are you asking about dnsmasq or dnsmasq-base package? Because dnsmasq-base is actually needed by NM to establish ad-hoc, and it is installed by default in 9.10.

9.10 with current upgrades, NM from network-manager/trunk ppa.

co0lingFir3 (coolingfire) wrote :

This bug still persists in Lucid. Installing dnsmasq doesn't change anything. If network-manager is not suppose to support WPA-secured ad-hoc networks, then that option should not be listed when creating a new network.

mistr (mstrecke) wrote :

I can also confirm the bug in Lucid.

I can connect (XP - Ubuntu 10.04) via an unencrypted or nearly unencrypted (WEP) Ad-Hoc connection.

I noticed how the following fact, which might hint to the source of the problem:

When I switch to WPA, the Ad-Hoc network an XP machine is listed as encrypted, but not as an WPA encrypted network (my home network is WPA2 and listed as such).

XP asks for a password, but expects an WEP key (for the WPA network).

A network scan from another Ubuntu machine showed:

my home network with WPA2:

          Cell 01 - Address: 00:26:4D:1A:7F:C7
                    ESSID:"Heimnetz"
                    Mode:Master
                    Channel:1
                    Frequency:2.412 GHz (Channel 1)
                    Quality=49/100 Signal level=-66 dBm
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK
                       Preauthentication Supported
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 9 Mb/s
                              18 Mb/s; 36 Mb/s; 54 Mb/s; 6 Mb/s; 12 Mb/s
                              24 Mb/s; 48 Mb/s
                    Extra:tsf=000002ecfd456932

the Ad-Hoc network (configured as WPA):

          Cell 02 - Address: 3A:69:14:44:F2:1F
                    ESSID:"tralala"
                    Mode:Ad-Hoc
                    Channel:1
                    Frequency:2.412 GHz (Channel 1)
                    Quality=50/100 Signal level=-56 dBm
                    Encryption key:on
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                              9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:tsf=0000000010656387

encrypted, but not marked as WPA.

I tried to configure it via the command line, but I'm missing the iwconfig/ifconfig commands for the wireless WPA. I don't want to put them into /etc/network/interfaces to avoid conflicts with my normal setup.

This should be marked for lucid, happens to me as well. WEP works, but if I select WPA it just uses WEP instead it seems. Would gladly provide logs or other testing if required.

David Balažic (xerces8) wrote :

And it is the same on Ubuntu 10.10 (Maverick Meerkat)
Tried the dekstop i386 CD (from USB stick) - Live

1) Created an ad-hoc net with WPA2
2.) On another PC tried to connect, but it asked WEP password
3.) I created the same ad-hoc on the second PC (same name, encryption type and key), and it appears to work.
Except both PCs have the address 10.42.43.1.

Same problem with Maverick : it's still impossible to create (or connect) an ad hoc wpa network using network manager...

Setting to Confirmed/Medium; we have sufficient proof (also see bug 552929) that WPA-secured ad-hoc connections created from NetworkManager don't work. Now to figure out exactly what piece of the puzzle is broken. :)

Changed in network-manager (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
komputes (komputes) on 2011-08-01
security vulnerability: no → yes
description: updated
Marius B. Kotsbak (mariusko) wrote :

Is this problem present in the two latest Ubuntu versions too?

To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers