+- OpenMarine (https://forum.openmarine.net)
+-- Forum: OpenPlotter (https://forum.openmarine.net/forumdisplay.php?fid=1)
+--- Forum: Feature Requests (https://forum.openmarine.net/forumdisplay.php?fid=5)
+--- Thread: Security (/showthread.php?tid=4982)
Security - meo - 2023-11-06
I noticed that the network configuration tool puts an unhased password for the Wifi network in the wpa_supplicant.conf file
I think that it is better to use an hashed psk. The syntax is easy: the hashed password does not have "quotes".
The Python code to calculate the hashed psk should be:
import hashlib, binascii
def wpa_psk(ssid, password):
dk = hashlib.pbkdf2_hmac('sha1', str.encode(password), str.encode(ssid), 4096, 32)
return (binascii.hexlify(dk))
Sorry but I was not able to find in OpenPlotter GitHub sources the code to modify and to pull a request...
Therefore I use a Feature Request!
Thanks for your attention
RE: Security - Sailoog - 2023-11-06
This is the source: https://github.com/openplotter/openplotter-network
is the system able to manage hashed passwords in wpa_supplicant.conf?
RE: Security - meo - 2023-11-06
(2023-11-06, 11:43 AM)Sailoog Wrote: This is the source: https://github.com/openplotter/openplotter-network
is the system able to manage hashed passwords in wpa_supplicant.conf?
I'm sure it works with hashed passwords since I have already done it manually by editing the file
(eg. https://unix.stackexchange.com/questions/278946/hiding-passwords-in-wpa-supplicant-conf-with-wpa-eap-and-mschap-v2 ).
I'm a bit rusty with programming in python (I'm not a programmer at all)... but it seems I've found the place
that can be hacked. I'll do some test and come back with the results.
Thanks!
meo
RE: Security - baltika_no_9 - 2023-11-06
...........the hashed password does not have "quotes".
I've checked my etc/wpa_supplicant.conf file and the password does not have quotes. Are we talking about a different file?
Code:
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
ssid="myssid"
psk=ddbd50e34e65bc9e29b1df0c333213addf3e0b5b290669ba6410c610350e2a6f
}