Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Using iwd as networkmanager backend
Using iwd as networkmanager backend
Hello,
I was having some trouble using wpa_supplicant so I changed networkmanagers backend to iwd. So far it seems to be working great, and I am no longer getting any error or warning messages. I am using it on buster, so I know it is just experimental, but it seems to be working well for me, so far at least.
My question here is if anyone knows of any security concerns right now iwd has in buster or is it just as fine as wpa_supplicant in that regard?
I was having some trouble using wpa_supplicant so I changed networkmanagers backend to iwd. So far it seems to be working great, and I am no longer getting any error or warning messages. I am using it on buster, so I know it is just experimental, but it seems to be working well for me, so far at least.
My question here is if anyone knows of any security concerns right now iwd has in buster or is it just as fine as wpa_supplicant in that regard?
Re: Using iwd as networkmanager backend
You can't believe your eyes if your imagination is out of focus.
Re: Using iwd as networkmanager backend
Have an interest in this too. Mind putting up a how-to, tute or linking to the resource outlining setting it up ?
For now content with networkd + wpa_supplicant (at the moment using wicd-gtk for convenience) but iwd looks cool too. I don't know of any reason not to use it, errr .. well at least nothing based on something substantial, two things concern me with it though, compared to wpa_supplicant couldn't have been as well tested. Also think it's one of the Intel brain children and with all this side-channel madness, my trust level and confidence in Intel is at an all time low ... From what I understand about the thing it communicates more directly with the Linux kernel to handle the encryption and whatever networking functions.
Brings point 1 back to mind, hasn't, can't have received as much real life testing as wpa_supplicant. Still have seen favorable mention by people using it and still seems interesting.
For now content with networkd + wpa_supplicant (at the moment using wicd-gtk for convenience) but iwd looks cool too. I don't know of any reason not to use it, errr .. well at least nothing based on something substantial, two things concern me with it though, compared to wpa_supplicant couldn't have been as well tested. Also think it's one of the Intel brain children and with all this side-channel madness, my trust level and confidence in Intel is at an all time low ... From what I understand about the thing it communicates more directly with the Linux kernel to handle the encryption and whatever networking functions.
Brings point 1 back to mind, hasn't, can't have received as much real life testing as wpa_supplicant. Still have seen favorable mention by people using it and still seems interesting.
Most powerful FREE tech-support tool on the planet * HERE. *
Re: Using iwd as networkmanager backend
I am not sure if it wise to use iwd on debian 10 right now, as it is outdated. But you can always try it out and compare internet speed between wpa_supplicant and iwd. While wpa_supplicant was throwing me some errors and warning I had stable connection, and was around 15% faster then on iwd. That is at least for my case, it could be opposite for you.
If you want to use iwd on buster or later it is really simple, https://wiki.debian.org/NetworkManager/iwd.
Basically you need to install iwd, https://packages.debian.org/buster/iwd, then go to /etc/NetworkManager/NetworkManager.conf and add
Then you need to stop wpa_supplicant service and restart NetworkManager
And it should start NetworkManager using iwd as backend. As how to revert, just comment out those lines from NetworkManager.conf, enable and start wpa_supplicant.service and restart NetworkManager.service.
If you want to use iwd on buster or later it is really simple, https://wiki.debian.org/NetworkManager/iwd.
Basically you need to install iwd, https://packages.debian.org/buster/iwd, then go to /etc/NetworkManager/NetworkManager.conf and add
Code: Select all
[device]
wifi.backend=iwd
Code: Select all
systemctl disable wpa_supplicant.service
systemctl restart NetworkManager.service
- Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 132 times
Re: Using iwd as networkmanager backend
Have you actually checked your link? The version in buster is still vulnerable.trinidad wrote:Looks like this is all right now
@OP: the buster package is a pre-release and I had a few problems with it auto-connecting so I backported the version from sid:
https://software.opensuse.org//download ... ackage=iwd
^ That version isn't vulnerable to CVE-2020-17497.
deadbang
Re: Using iwd as networkmanager backend
Thanks M3100 and definitely thanks for posting that info Head_on. Whenever chasing any newish tech do think it's a good idea to use the latest available for it.
Most powerful FREE tech-support tool on the planet * HERE. *
Re: Using iwd as networkmanager backend
Sorry. Of course I read the page. It was just a bad choice of words. I was responding to the OP:The version in buster is still vulnerable.
anyone knows of any security concerns right now iwd has in buster
What I meant was: Looks like this is the only vulnerability. (all that's out there)
TC
You can't believe your eyes if your imagination is out of focus.
Re: Using iwd as networkmanager backend
Which btw, m3100 you posted a dang good reason for not going with iwd yourself, it must work well enough or you wouldn't keep using it but having tested and discovering you're taking a 15% transfer speed hit, that type of thing would drive me nuts just knowing. Would say maybe start a help request and post the details in this or other tech-forums trying to find a solution for whatever issues with wpa_supplicant or keep exploring other networking options.
Again ... I'm not at all one of the tinfoil hat paranoid nixers so often seen but when dealing with something like wireless encryption, yeah, goes without saying that'd have to be something any computer users pay more attention to and the use of an unproven, at least a much lesser proven option isn't something I'd consider advisable. That's only a pointless 2 cents ...
Ps, oops, also missed the obvious, at very least maybe try the newer version Head_on was nice enough to backport and share. Hopefully those speed issues will prove corrected ? Guess if nobody ever uses iwd, it can't get tested nor proven.
Again ... I'm not at all one of the tinfoil hat paranoid nixers so often seen but when dealing with something like wireless encryption, yeah, goes without saying that'd have to be something any computer users pay more attention to and the use of an unproven, at least a much lesser proven option isn't something I'd consider advisable. That's only a pointless 2 cents ...
Ps, oops, also missed the obvious, at very least maybe try the newer version Head_on was nice enough to backport and share. Hopefully those speed issues will prove corrected ? Guess if nobody ever uses iwd, it can't get tested nor proven.
Most powerful FREE tech-support tool on the planet * HERE. *
Re: Using iwd as networkmanager backend
I was reading about iwd on some other forums and some of them said they got speed boost while others lost on performance. That test was just for my particular device and setup, it is probably 'corrected' in newer versions too.
I am currently not using iwd because of that vulnerability and bandwidth hit, since I don't like to use backports, will just stick to wpa_supplicant for now. Only problems I had with wpa_supplicant were odd error messages and rare random disconnects so I am happy with that, it is not like I am doing any online gaming these days anyway so it is not causing me any real trouble.
I am currently not using iwd because of that vulnerability and bandwidth hit, since I don't like to use backports, will just stick to wpa_supplicant for now. Only problems I had with wpa_supplicant were odd error messages and rare random disconnects so I am happy with that, it is not like I am doing any online gaming these days anyway so it is not causing me any real trouble.
- Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 132 times
Re: Using iwd as networkmanager backend
There shouldn't be any difference in performance at all, iwd is just an network association tool.mm3100 wrote:I was reading about iwd on some other forums and some of them said they got speed boost while others lost on performance.
Trilby over at the Arch forums made some interesting observations about this: https://bbs.archlinux.org/viewtopic.php ... 4#p1916054 (btw @rsmarples is the dhcpcd developer).
More likely related to the driver than wpa_supplicant but difficult to say for sure without seeing the logs.mm3100 wrote:Only problems I had with wpa_supplicant were odd error messages and rare random disconnects
deadbang