Security - Printable Version +- OpenMarine (https://forum.openmarine.net) +-- Forum: OpenPlotter (https://forum.openmarine.net/forumdisplay.php?fid=1) +--- Forum: Feature Requests (https://forum.openmarine.net/forumdisplay.php?fid=5) +--- Thread: Security (/showthread.php?tid=4982) |
Security - meo - 2023-11-06 I noticed that the network configuration tool puts an unhased password for the Wifi network in the wpa_supplicant.conf file I think that it is better to use an hashed psk. The syntax is easy: the hashed password does not have "quotes". The Python code to calculate the hashed psk should be: import hashlib, binascii def wpa_psk(ssid, password): dk = hashlib.pbkdf2_hmac('sha1', str.encode(password), str.encode(ssid), 4096, 32) return (binascii.hexlify(dk)) Sorry but I was not able to find in OpenPlotter GitHub sources the code to modify and to pull a request... Therefore I use a Feature Request! Thanks for your attention RE: Security - Sailoog - 2023-11-06 This is the source: https://github.com/openplotter/openplotter-network is the system able to manage hashed passwords in wpa_supplicant.conf? RE: Security - meo - 2023-11-06 (2023-11-06, 11:43 AM)Sailoog Wrote: This is the source: https://github.com/openplotter/openplotter-network I'm sure it works with hashed passwords since I have already done it manually by editing the file (eg. https://unix.stackexchange.com/questions/278946/hiding-passwords-in-wpa-supplicant-conf-with-wpa-eap-and-mschap-v2 ). I'm a bit rusty with programming in python (I'm not a programmer at all)... but it seems I've found the place that can be hacked. I'll do some test and come back with the results. Thanks! meo RE: Security - baltika_no_9 - 2023-11-06 ...........the hashed password does not have "quotes". I've checked my etc/wpa_supplicant.conf file and the password does not have quotes. Are we talking about a different file? Code: ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev |