This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Security
#1
I noticed that the network configuration tool puts an unhased password for the Wifi network in the wpa_supplicant.conf file

I think that it is better to use an hashed psk. The syntax is easy: the hashed password does not have "quotes".

The Python code to calculate the hashed psk should be:

import hashlib, binascii
def wpa_psk(ssid, password):
    dk = hashlib.pbkdf2_hmac('sha1', str.encode(password), str.encode(ssid), 4096, 32)
    return (binascii.hexlify(dk))

Sorry but I was not able to find in OpenPlotter GitHub sources the code to modify and to pull a request...
Therefore I use a Feature Request!

Thanks for your attention
Reply
#2
This is the source: https://github.com/openplotter/openplotter-network

is the system able to manage hashed passwords in wpa_supplicant.conf?
Reply
#3
(2023-11-06, 11:43 AM)Sailoog Wrote: This is the source: https://github.com/openplotter/openplotter-network

is the system able to manage hashed passwords in wpa_supplicant.conf?

I'm sure it works with hashed passwords since I have already done it manually by editing the file
(eg. https://unix.stackexchange.com/questions...-mschap-v2 ).

I'm a bit rusty with programming in python (I'm not a programmer at all)... but it seems I've found the place
that can be hacked. I'll do some test and come back with the results.

Thanks!
meo
Reply
#4
...........the hashed password does not have "quotes".

I've checked my etc/wpa_supplicant.conf file and the password does not have quotes. Are we talking about a different file?

Code:
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
        ssid="myssid"
        psk=ddbd50e34e65bc9e29b1df0c333213addf3e0b5b290669ba6410c610350e2a6f
}
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)