Opening it here since i got no user feedback on gitlab: https://gitlab.com/postmarketOS/pmaports/-/issues/2620
Create a hotspot on sxmo/pmos device.
Try to connect with new generation android13/14 device (e.g. samsung A33, A53). It will complain that it can not connect. While another linux device connects without trouble (which makes debugging a bit harder).
To fix it, we need to edit /usr/bin/sxmo_networks.sh on line ~219 and disable pmf:
notify_sucess "Adding hotspot wifi" \
nmcli device wifi hotspot ifname wlan0 con-name "Hotspot $SSID" \
ssid "$SSID" channel "$channel" band bg password "$key"
nmcli con down "Hotspot $SSID"
nmcli c modify "Hotspot $SSID" 802-11-wireless-security.pmf 1
nmcli c modify "Hotspot $SSID" wifi-sec.pmf disable
nmcli con up "Hotspot $SSID"
successfully tested/daily driving on OP6 with postmarketos edge and 23.12 to scared to submit a patch, so its at least documented here....
Good find and sorry for the late reaction again. I suppose it would also work in a one liner right? Or is the down step crucial?
nmcli device wifi hotspot ifname wlan0 con-name "Hotspot $SSID" ssid "$SSID" channel "$channel" band bg password "$key" 802-11-wireless-security.pmf 1 wifi-sec.pmf disableDid you happen to try that?
I guess we could make a SXMO_WIFI_PMF_DISABLE parameter to toggle this functionality. Disabling security measures by default might be a bit risky (and you say it does work for some devices), though I must admit I don't know at all what PMF does.
Lets just leave it open for the moment so people find the workaround if needed.
Not quite sure if the problem is on the wifi driver side and might be fixed one day from there...
PMF stands for 'Protected Management Frames'. Without PMF, management frames can be spoofed or tampered with, leading to attacks such as de-authentication attacks, where an attacker forces a client to disconnect from the network.
Which does not sound super crucial for a hotspot on the phone.