|Summary:||net-wireless/wpa_supplicant-2.10 no longer connects to my wifi - wpa_parse_wpa_ie_rsn: invalid group cipher 0x8 (000fac02)|
|Product:||Gentoo Linux||Reporter:||igel <mathiaswe>|
|Component:||Current packages||Assignee:||Rick Farina (Zero_Chaos) <zerochaos>|
|Severity:||normal||CC:||c4pp4, floppym, pacho|
|Package list:||Runtime testing required:||---|
Description igel 2022-03-30 12:54:36 UTC
I recently upgraded my wpa_supplicant from 2.9 to 2.10 and my laptop stopped connecting to my WPA2-PSK wifi at home. Switching back to 2.9 fixed the issue for me, but that ebuild is no longer in the official portage tree. Reproducible: Always Steps to Reproduce: 1. install net-wireless/wpa_supplicant-2.10 2. reboot Actual Results: does not connect to wifi Expected Results: connects to wifi the log file for 2.10 claims: wpa_parse_wpa_ie_rsn: invalid group cipher 0x8 (000fac02) wpa_parse_wpa_ie_rsn: invalid group cipher 0x8 (000fac02) wifi: skip RSN IE - parse failed while the 2.9 logfile correctly states wifi: selected based on RSN IE so something is up with the WPA2 parse. Since I changed nothing else in the system, I conclude that it's a problem with wpa_supplicant-2.10. I submitted a bug-report upstream to their mailing list, but my issue with Gentoo right now is that the ebuild for 2.9 is no longer in the tree so others having this problem are going to be in a pickle.
Comment 1 Mike Gilbert 2022-03-31 01:46:36 UTC
Try enabling the "tkip" USE flag. Alternatively, enable CCMP (AES) on your home wifi.
Comment 2 Marcus 2022-03-31 05:02:54 UTC
I was also just bitten by this. I'm not using tkip on my access points, they're all using AES. wpa_parse_wpa_ie_rsn: invalid group cipher 0x8 (000fac02) wpa_parse_wpa_ie_rsn: invalid group cipher 0x8 (000fac02) There's a forum thread about it currently as well. https://forums.gentoo.org/viewtopic-t-869609-start-0.html I've also downgraded and masked anything higher than 2.9-r8.
Comment 3 Marcus 2022-03-31 05:17:46 UTC
https://forums.gentoo.org/viewtopic-t-1147832.html Apologies, link to forum thread before was unrelated this is the correct link.
Comment 4 igel 2022-03-31 09:39:05 UTC
upstream also suggested to configure the AP to not use TKIP no more since something called the Wi-Fi alliance deemed TKIP unsafe. I'm not sure if the wpa_supplicant ebuild already warns about this issue -- when upgrading @world, I often have trouble keeping up with the information printed by any of the installed ebuilds...
Comment 5 igel 2022-04-18 16:14:51 UTC
yeah, so after reading the forum posts and conversing with upstream, I just enabled the tkip useflag and 2.10 does what it's supposed to now. I guess this can be closed, but someone please make sure that users are aware of the issue when upgrading from 2.9.
Comment 6 Pacho Ramos 2022-04-18 16:48:22 UTC
I agree that a warning should be emitted as it is not nice to see that you cannot connect to the network after updating I also suffered this when needed to connect to the lab wifi and I couldn't :/