[SOLVED] - CentOS 8 - WPA_PSK in clear text

Issues related to configuring your network
Post Reply
User avatar
warron.french
Posts: 422
Joined: 2014/03/27 20:21:58

[SOLVED] - CentOS 8 - WPA_PSK in clear text

Post by warron.french » 2020/02/14 05:08:08

I was perusing files under /etc/sysconfig/network-scripts and found the file keys-MyWiFiName the content of that file is:

Code: Select all

WPA_PSK="MyWiFi_Password"
Is this really appropriate? I would hope the WiFi password would be encrypted. No?
Last edited by warron.french on 2020/02/15 07:12:43, edited 1 time in total.
Thanks,
War

aks
Posts: 2925
Joined: 2014/09/20 11:22:14

Re: CentOS 8 - WPA_PSK in clear text

Post by aks » 2020/02/14 18:24:10

That's the way I used to do it (ages ago) and it works. I just made sure the permissions where appropriate.
Now I just make it NM's problem (and assume NM keeps the secret secret).

User avatar
warron.french
Posts: 422
Joined: 2014/03/27 20:21:58

Re: CentOS 8 - WPA_PSK in clear text

Post by warron.french » 2020/02/15 07:11:53

@aks, thanks for the feedback.

It still seems weird to me that the password isn't at least hashed or encrypted.

Understanding updated. This is my first dedicated hardware (laptop) Linux machine for personal use that I have built and of course, I am doing it with CentOS 8. I am kind of having fun with it!

Thanks.
Thanks,
War

User avatar
KernelOops
Posts: 195
Joined: 2013/12/18 15:04:03
Location: xfs file system

Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text

Post by KernelOops » 2020/02/15 08:37:55

The wifi password has always been kept in clear text because in theory only root has access to it (via file permissions).

It could be encrypted with wpa_passphrase

Code: Select all

WPA_PASSPHRASE(8)                                                                                   WPA_PASSPHRASE(8)

NAME
       wpa_passphrase - Generate a WPA PSK from an ASCII passphrase for a SSID

SYNOPSIS
       wpa_passphrase [ ssid ]  [ passphrase ]

OVERVIEW
       wpa_passphrase  pre-computes  PSK  entries  for network configuration blocks of a wpa_supplicant.conf file. An
       ASCII passphrase and SSID are used to generate a 256-bit PSK.
--
I love my computer - all my friends live there.
--

User avatar
TrevorH
Forum Moderator
Posts: 27647
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text

Post by TrevorH » 2020/02/15 13:08:33

It would also be fairly tricky to encrypt it in any useful manner as it would need to ask for a password to unlock the password so at that point, you might as well just tell it not to save the WPA password and have it ask for it.
CentOS 6 will die in November 2020 - migrate sooner rather than later!
CentOS 5 has been EOL for nearly 3 years and should no longer be used for anything!
Full time Geek, part time moderator. Use the FAQ Luke

aks
Posts: 2925
Joined: 2014/09/20 11:22:14

Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text

Post by aks » 2020/02/16 19:37:01

Well it would have to be a reversible encryption anyway (i.e.: you can get the secrets without knowing/having anything else).

Post Reply

Return to “CentOS 8 - Networking Support”