Old 04-12-2018, 02:03 AM   #1
retrosnob
LQ Newbie
 
Registered: Apr 2018
Posts: 8

Rep: Reputation: Disabled
WPA2 PEAP MSCHAPV2 handshake failure on Client Hello


I am having terrible trouble connecting to my school WPA2 PEAP MSCHAPV2 wifi. I've tried Network Manager, wicd and connman and most recently I am connecting via wpa_supplicant.

The school does not require a CA certificate. I know this is ill-advised but I don't have responsibility for that.
The connection works immediately in Windows, with which I dual boot, so I know the hardware is working.

I have included dmesg output, wpa_supplicant.conf, wpa_supplicant -dd debug output, and relevant wireshark packets in this Google doc:

https://docs.google.com/document/d/1...VDdt7ReGW0LiKg

The problem occurs after the Client Hello when the AP disconnects because of a handshake failure.

I have been working for days on this and have tried the system-ca-certs=false workaround. Any pointers would be gratefully received.

Last edited by retrosnob; 04-12-2018 at 05:08 PM. Reason: Added information
 
Old 04-13-2018, 10:50 AM   #2
Mill J
Senior Member
 
Registered: Feb 2017
Location: @127.0.0.1
Distribution: Mint, Void, MX, Haiku, PMOS, Plasma Mobile, and many others
Posts: 1,258
Blog Entries: 2

What hardware and distro are you using?
 
Old 04-13-2018, 10:00 PM   #3
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware64-15.0
Posts: 6,372

Perhaps it is this issue. https://unix.stackexchange.com/quest...ng-when-trying
 
Old 04-14-2018, 09:20 PM   #4
retrosnob
Quote:
Originally Posted by Mill J
What hardware and distro are you using?

The first two lines of the document I provided state the hardware and distro....
 
Old 04-16-2018, 07:35 PM   #5
retrosnob
Quote:
Originally Posted by allend

This was an excellent suggestion - thank you - but after renaming wlp3s0 to wlan0 I got exactly the same response: a handshake failure at the client hello. I wonder if anyone can suggest any other tools I can use to investigate? Is there any way I can work out exactly why the handshake failed? From the Wireshark packets it looks like my laptop is using TLS v1.2, but the AP is using TLS v1.0 and so perhaps aborts the connection on that basis?
 
Old 04-17-2018, 08:30 AM   #6
allend
According to this perhaps
Code:
phase1="peaplabel=auto tls_disable_tlsv1_2=1"
in your wpa_supplicant.conf will work.
 
Old 04-17-2018, 06:18 PM   #7
retrosnob
Quote:
Originally Posted by allend
According to this perhaps
Code:
phase1="peaplabel=auto tls_disable_tlsv1_2=1"
in your wpa_supplicant.conf will work.

Thank you. I've already tried this and I also tried disabling TLSv1.1 as well and I always have exactly the same problem.

It seems that my Debian laptop is sending the client hello using TLSv1.2:

SSL Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 266
    Handshake Protocol: Client Hello
        Handshake Type: Client Hello (1)
        Length: 262
        Version: TLS 1.2 (0x0303)


And the server is coming back with TLSv1.0:

Secure Sockets Layer
    TLSv1 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
        Content Type: Alert (21)
        Version: TLS 1.0 (0x0301)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Handshake Failure (40)


But I'm afraid I don't really know how to take this further. When I boot into Windows I can connect with no trouble at all and perhaps I can find out the details of what Windows is doing that works. I'm trying to decipher the Wireshark output from Windows, but it seems to send so much junk that it's quite difficult to decipher it. I will soldier on. Thanks for your suggestion.
 
Old 04-17-2018, 06:40 PM   #8
allend
It is likely that your Debian openssl package now disables TLS 1.0 and TLS 1.1 as deprecated protocols. e.g. https://lists.debian.org/debian-deve.../msg00004.html
 
Old 04-17-2018, 09:05 PM   #9
retrosnob

Quote:
Originally Posted by allend
It is likely that your Debian openssl package now disables TLS 1.0 and TLS 1.1 as deprecated protocols. e.g. https://lists.debian.org/debian-deve.../msg00004.html

Oddly enough it looks like Debian is the one that is using TLSv1.0 in some way. I've compared Wireshark info when connecting to the same server on the same client hardware using Debian and Windows. I was surprised that Windows makes no mention at all of EAP. I don't know why that is. The only difference between these sections is the mention of TLSv1.0 in the Debian packet. I haven't included the lists of cipher suites and hash algorithms.

Edit: There's also an error in the GMT Unix Time field but apparently it's not important, at least to TLS itself.

Debian (not working)

Secure Sockets Layer
    SSL Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 266
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 262
            Version: TLS 1.2 (0x0303)
            Random
                GMT Unix Time: Mar 28, 2014 16:12:13.000000000 +08
                Random Bytes: 96461b52573c44bd376f9254d355b7dbcb5e63e41141ccd5...
            Session ID Length: 0

Windows (working)

Secure Sockets Layer
    TLSv1.2 Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 175
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 171
            Version: TLS 1.2 (0x0303)
            Random: 5ad56d681c707d3b8fca96cfffb65cacca7e484b1adf3950...
                GMT Unix Time: Apr 17, 2018 11:43:36.000000000 Malay Peninsula Standard Time
                Random Bytes: 1c707d3b8fca96cfffb65cacca7e484b1adf3950fefca876...
            Session ID Length: 0

Last edited by retrosnob; 04-18-2018 at 06:33 PM.
 
Old 04-18-2018, 06:27 PM   #10
retrosnob
More detail

For comparison, here is the client hello from an Ubuntu laptop on the same network. This laptop uses Network Manager but exactly the same config on the Debian machine won't connect.

Ubuntu (working)

802.1X Authentication
    Version: 802.1X-2001 (1)
    Type: EAP Packet (0)
    Length: 311
Extensible Authentication Protocol
    Code: Response (2)
    Id: 2
    Length: 311
    Type: Protected EAP (EAP-PEAP) (25)
    EAP-TLS Flags: 0x80
        1... .... = Length Included: True
        .0.. .... = More Fragments: False
        ..0. .... = Start: False
        .... .000 = Version: 0
    EAP-TLS Length: 301
    Secure Sockets Layer
        TLSv1 Record Layer: Handshake Protocol: Client Hello
            Content Type: Handshake (22)
            Version: TLS 1.0 (0x0301)
            Length: 296
            Handshake Protocol: Client Hello
                Handshake Type: Client Hello (1)
                Length: 292
                Version: TLS 1.2 (0x0303)
                Random
                    GMT Unix Time: Aug 18, 2080 05:43:50.000000000 +08
                    Random Bytes: eb97037fc1f3bc7b340637386797de6b4162eea72f86bbc4...
                Session ID Length: 0
                Cipher Suites Length: 170
                Cipher Suites (85 suites)
                    etc
                Compression Methods Length: 1
                Compression Methods (1 method)
                    Compression Method: null (0)
                Extensions Length: 81
                Extension: ec_point_formats
                    Type: ec_point_formats (0x000b)
                    Length: 4
                    EC point formats Length: 3
                    Elliptic curves point formats (3)
                        EC point format: uncompressed (0)
                        EC point format: ansiX962_compressed_prime (1)
                        EC point format: ansiX962_compressed_char2 (2)
                Extension: elliptic_curves
                    Type: elliptic_curves (0x000a)
                    Length: 28
                    Elliptic Curves Length: 26
                    Elliptic curves (13 curves)
                        etc
                Extension: signature_algorithms
                    Type: signature_algorithms (0x000d)
                    Length: 32
                    Signature Hash Algorithms Length: 30
                    Signature Hash Algorithms (15 algorithms)
                        etc
                Extension: Heartbeat
                    Type: Heartbeat (0x000f)
                    Length: 1
                    Mode: Peer allowed to send requests (1)

Last edited by retrosnob; 04-18-2018 at 06:34 PM.
 
Old 04-18-2018, 07:02 PM   #11
retrosnob
Ok. I've found that the server wants to use a cipher suite (an old one) that Debian Stretch doesn't support. The cipher suite is tls_rsa_with_3des_ede_cbc_sha.
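
Added example, not part of any poster's message: the hand comparison done across posts #7 to #11, as a small Python parser that reads a raw ClientHello record, reports the record-layer and handshake versions separately, and checks whether a given cipher suite is offered. The function names and sample bytes are constructed for illustration; 0x000A is the IANA value for TLS_RSA_WITH_3DES_EDE_CBC_SHA, and the sample alert matches the Fatal / Handshake Failure (40) record shown in post #7.

```python
import struct

VERSIONS = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A  # IANA value for the suite named in post #11

def parse_client_hello(record: bytes) -> dict:
    """Parse a single TLS record that carries one complete ClientHello."""
    if len(record) < 5:
        raise ValueError("short record header")
    ctype, rec_ver, rec_len = struct.unpack_from("!BHH", record, 0)
    body = record[5:5 + rec_len]
    if ctype != 22 or len(body) != rec_len or rec_len < 4:
        raise ValueError("not a complete handshake record")
    hs_len = int.from_bytes(body[1:4], "big")
    if body[0] != 1 or 4 + hs_len > len(body):
        raise ValueError("not a complete ClientHello")
    try:
        (hello_ver,) = struct.unpack_from("!H", body, 4)
        pos = 4 + 2 + 32              # handshake header, client_version, random
        pos += 1 + body[pos]          # session_id length byte plus session_id
        (cs_len,) = struct.unpack_from("!H", body, pos)
        suites = struct.unpack_from("!%dH" % (cs_len // 2), body, pos + 2)
    except (struct.error, IndexError) as exc:
        raise ValueError("truncated ClientHello") from exc
    return {"record_version": VERSIONS.get(rec_ver, hex(rec_ver)),
            "hello_version": VERSIONS.get(hello_ver, hex(hello_ver)),
            "suites": list(suites)}

def parse_alert(record: bytes) -> tuple:
    """Return (level, description) from an unencrypted TLS alert record."""
    if len(record) < 7:
        raise ValueError("short alert record")
    ctype, _ver, length = struct.unpack_from("!BHH", record, 0)
    if ctype != 21 or length != 2:
        raise ValueError("not a plaintext alert record")
    return record[5], record[6]

def offers(hello: dict, suite: int) -> bool:
    """True if the parsed ClientHello lists the given cipher suite id."""
    return suite in hello["suites"]

# Constructed sample: record version 0x0301, client_version 0x0303, three AES suites.
_hello = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x06"
          + bytes.fromhex("c02f009c002f") + b"\x01\x00")
SAMPLE_HELLO = (b"\x16\x03\x01" + (len(_hello) + 4).to_bytes(2, "big")
                + b"\x01" + len(_hello).to_bytes(3, "big") + _hello)
SAMPLE_ALERT = bytes.fromhex("15030100020228")  # constructed: fatal (2), handshake_failure (40)

if __name__ == "__main__":
    hello = parse_client_hello(SAMPLE_HELLO)
    print(hello["record_version"], hello["hello_version"], [hex(s) for s in hello["suites"]])
    print("alert:", parse_alert(SAMPLE_ALERT))
    print("offers 3DES suite:", offers(hello, TLS_RSA_WITH_3DES_EDE_CBC_SHA))
```

The record-layer version 0x0301 appears in both the failing Debian capture and the working Ubuntu capture above, so the field worth comparing between a working and a failing client is the cipher suite list.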
 
Old 05-06-2018, 05:31 PM   #12
retrosnob
Give up

I'll close this but in fact it's not solved.
 