Bug#980203: linux-image-5.10.0-1-686:i386 ipw2200 returns bogus MAC address. Security implications????
On Sat, 16 Jan 2021 09:19:45 +0100
Bastian Blank <waldi@debian.org> wrote:
> On Fri, Jan 15, 2021 at 05:55:47PM -0700, Charles Curley wrote:
> > On boot, NetworkManager does its thing correctly, and gets the
> > machine on the network. However, I use DHCP with fixed addresses.
> > Getting the wrong MAC address throws this off, which is how the
> > problem came to my attention. This is an intermittent problem. Not
> > every boot results in the wrong MAC address.
>
> NetworkManager can change MAC addresses for privacy reasons. Did you
> disable this feature?
I was completely unaware of it until you mentioned it.
The man page for NetworkManager.conf says, in part:
wifi.mac-address-randomization
If left unspecified, MAC address randomization is disabled.
This setting is deprecated for wifi.cloned-mac-address.
So if I read that correctly, one must affirmatively enable it.
A search of the various NetworkManager.conf files did not turn up any
use of that keyword. Nor did a check of the connection-specific file.
root@dragon:~# locate NetworkManager | grep conf$ | xargs grep -i rand
/usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf:wifi.scan-rand-mac-address=no
root@dragon:~# locate NetworkManager | grep conf.d | xargs ls
/usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf
/crc/dragon/etc/NetworkManager/conf.d:
/etc/NetworkManager/conf.d:
/usr/lib/NetworkManager/conf.d:
no-mac-addr-change.conf
root@dragon:~#
A search of the GTK GUI did not turn up any settings for it.
So, as far as I know, the answer to your question is that it is not
currently enabled.
>
> > Jan 15 16:15:45 dragon kernel: [278773.780936] wlp2s2: Setting MAC
> > to 8a:f5:74:20:7c:9e
>
> So something _deliberately_ sets a local administered MAC address.
Maybe. But what? I don't see anything in /etc/modprobe.d/, modules, or
modules-load.d/.
--
Does anybody read signatures any more?
https://charlescurley.com
https://charlescurley.com/blog/
Reply to: