I'm trying to connect to a WPA2-Enterprise network with PEAP security and MSCHAPV2 for phase 2. I'm using iwd to do that (as I previously failed with wpa_supplicant and networkmanager).

Successful connection

I have this config file

# /var/lib/iwd/mynetwork.8021x

[Security]
EAP-Method=PEAP
EAP-PEAP-Phase2-Method=MSCHAPV2

I can connect to network using iwctl station ... connect mynetwork, it prompts for username and password and connects successfully after I enter them. However it asks them every time I need to connect and I wanted to store credentials. However I faced the following issues.

Failing connection

I put username and password (tried both Password and Password-Hash) into the config file

# /var/lib/iwd/mynetwork.8021x

[Security]
EAP-Method=PEAP
EAP-PEAP-Phase2-Method=MSCHAPV2
EAP-PEAP-Phase2-Identity=my_username
EAP-PEAP-Phase2-Password=my_password

When I try to connect with iwctl station ... connect mynetwork it does not prompt for credentials, however it fails to connect completely. Looking into debug logs of iwd the failure occurs during the handshake, which probably means the credentials are not parsed properly.

How can I solve this issue and not have to enter credentials every time?