NetworkManager 1.24 Coming Soon With VRF Support, Opportunistic Wireless Encryption
Friday marked the release of NetworkManager 1.24-RC1 as the first test candidate for this component important to wired and wireless networking on the Linux desktop.
One of the big additions to NetworkManager 1.24 is support for Opportunistic Wireless Encryption. OWE provides encrypted wireless data transfers without a secret/key. This technology is also known as WiFi Certified Enhanced Open since 2018. This NetworkManager OWE support is contingent upon WPA-Supplicant being built with the capability enabled and can work with any mac80211-supported adapter.
IETF.org explains of OWE, "With OWE, the client and AP perform a Diffie-Hellman key exchange during the access procedure and use the resulting pairwise secret with the 4-way handshake instead of using a shared and public PSK in the 4-way handshake. OWE requires no special configuration or user interaction but provides a higher level of security than a common, shared, and public PSK. OWE not only provides more security to the end user, it is also easier to use both for the provider and the end user because there are no public keys to maintain, share, or manage."
Another new addition to NetworkManager 1.24 is support for Virtual Routing and Forwarding (VRF) interfaces. VRF allows multiple instances of a routing table to co-exist. VRF can be used for increased security in automatically segregating traffic.
NetworkManager 1.24-RC1 also presents improvements to the NetworkManager command-line interface (NMCLI), new bridging options, new IPv6 settings, support for detecting if a PIN-protected SIM card has been externally unlocked, fixes for the DHCP client, and other improvements/fixes.
More details on NetworkManager 1.24-RC1 for testing via FreeDesktop.org.