Linux – How to re-enable a network that has been TEMP-DISABLED in wpa_supplicant


In wpa_suppicant, a network can receive a sort of temporary "blacklisting" whereby wpa_supplicant won't try to connect to it. This happens in particular if authentication to the AP fails several times (which, since wpa_supplicant retries, is almost certain).

These look like this in wpa_cli:

> list_networks 
network id / ssid / bssid / flags
0   Example any [TEMP-DISABLED]

Where Example is the SSID of the network.

Is it possible to indicate to wpa_supplicant that the problem has been corrected, and that it can attempt to re-authenticate? (None of enable_network, reassociate or reconnect work.)

(Restarting wpa_supplicant works, but I was wondering if there was a "gentler" method. Judging by the logs, it looks like it backs off, and the upper bound is a whopping 20 minutes, which is a long time between retries.)

Best Answer

When wpa_supplicant repeatedly fails to connect to a network the network is temporarily disabled, and the BSSID may be blacklisted.

To clear TEMP-DISABLED state you can disable and re-enable the network

disable 0
enable 0

The blacklist command shows if any BSSIDs are blacklisted, and they can be re-enabled with the command blacklist clear.

Based on the wpas_auth_failed function in the TEMP-DISABLED state lasts 10 seconds for the first failure, and increases up to 300 seconds after more than 50 failures. There are other places where this state is set though, and when I saw this state occur it didn't appear to have failed that frequently.