I bought a Pi zero w to run a wireless print server on. The device only supports 2.4 GHz, and my neighbors have a fondness for running deauthentication attacks. Consequently, I would like to enable the "Robust Management Frames" and "Protected Management Frames" on my Pi. Based on the datasheet, the broadcom chip used by Pi Zero W supports 802.11w. Unfortunately, when I run "iw phy0 info | grep -A9 "Supported Ciphers" I only see WEP40, WEP104, TKIP and CCMP-128. It appears to me that the drivers used by Pi do not support CMAC (00-of-ac:6) because it does not appear in the output of the above command. Consequently, when I try to enable the PMF/802.11w on the Pi client it fails. If I configure my access point to require PMF, Pi fails to establish a connection with the following message: "wlan0: Failed to initiate sched scan". Once I make PMF optional, Pi connects to the access point and works until one of my neighbords decides to run a deauthentication attack. A wireless print server that keeps losing network connection does not make for a positive user experience, to put it politely.
Is there a different driver that supports RMF and PMF? If so, where can I get it? Are these driver open source or proprietary drivers provided in binary form?
Should I be using a different Pi model instead of "Pi Zero w"? Do other Pi models support RMF/PMF? Can I use an external WiFi via USB that has a driver that supports RMF/PMF/802.11w?
3 posts • Page 1 of 1
I doubt that FCC has any time at all for dealing with this. MFP/802.11w has been around for almost a decade. My router supports it. Many recent wifi chipsets support it as well. Linux driver support seems to be lacking.