On Thu, Mar 16, 2023 at 07:15:02PM -0500, Theron Spiegl wrote: > Hi, I'm using a Qualcomm Atheros QCA6174 with wpa_supplicant v2.10. When I start a hotspot with the commands below, it can be joined by most devices (Linux, Windows, iOS) but not an M1 MacBook Pro. I've determined that this is because of SAE/WPA3 support: if I run macOS's `airport` CLI utility, I see that the wpa_supplicant 2.10 hotspot offers `WPA(PSK/AES/AES) RSN(PSK,PSK-SHA256,SAE/AES/AES)` in the Security column. When I use wpa_supplicant 2.9, it offers `WPA(PSK/AES/AES) RSN(PSK,PSK-SHA256/AES/AES)`, and the MacBook can join. > > Is there a way to disable SAE and force the use of WPA2-PSK with AES on wpa_supplicant 2.10? (Whether through nmcli or wpa_cli or something else?) I would strongly discourage doing that and instead, figure out why there is no WPA3-Personal (SAE) connection. The current MacBook Pro devices should be able to use SAE. Do you have management frame protection (a.k.a. PMF) enabled in wpa_supplicant configuration? This could be enabled with ieee80211w=1 with the particular network profile for the AP mode operation or pmf=1 as a global parameter to enable it by default for all networks. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
