Page 1 of 1
[SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/14 05:08:08
by warron.french
I was perusing files under /etc/sysconfig/network-scripts and found the file keys-
MyWiFiName the content of that file is:
Is this really appropriate? I would hope the WiFi password would be encrypted. No?
Re: CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/14 18:24:10
by aks
That's the way I used to do it (ages ago) and it works. I just made sure the permissions where appropriate.
Now I just make it NM's problem (and assume NM keeps the secret secret).
Re: CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/15 07:11:53
by warron.french
@aks, thanks for the feedback.
It still seems weird to me that the password isn't at least hashed or encrypted.
Understanding updated. This is my first dedicated hardware (laptop) Linux machine for personal use that I have built and of course, I am doing it with CentOS 8. I am kind of having fun with it!
Thanks.
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/15 08:37:55
by KernelOops
The wifi password has always been kept in clear text because in theory only root has access to it (via file permissions).
It could be encrypted with wpa_passphrase
Code: Select all
WPA_PASSPHRASE(8) WPA_PASSPHRASE(8)
NAME
wpa_passphrase - Generate a WPA PSK from an ASCII passphrase for a SSID
SYNOPSIS
wpa_passphrase [ ssid ] [ passphrase ]
OVERVIEW
wpa_passphrase pre-computes PSK entries for network configuration blocks of a wpa_supplicant.conf file. An
ASCII passphrase and SSID are used to generate a 256-bit PSK.
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/15 13:08:33
by TrevorH
It would also be fairly tricky to encrypt it in any useful manner as it would need to ask for a password to unlock the password so at that point, you might as well just tell it not to save the WPA password and have it ask for it.
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/16 19:37:01
by aks
Well it would have to be a reversible encryption anyway (i.e.: you can get the secrets without knowing/having anything else).
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/17 06:10:29
by warron.french
So, why can MS Windows store the WPA password but not in clear text?
This is more of an academic question really.
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/17 06:15:35
by warron.french
KernelOops wrote: ↑2020/02/15 08:37:55
The wifi password has always been kept in clear text because, in theory, only root has access to it (via file permissions).
It could be encrypted with wpa_passphrase
Code: Select all
WPA_PASSPHRASE(8) WPA_PASSPHRASE(8)
NAME
wpa_passphrase - Generate a WPA PSK from an ASCII passphrase for an SSID
SYNOPSIS
wpa_passphrase [ ssid ] [ passphrase ]
OVERVIEW
wpa_passphrase pre-computes PSK entries for network configuration blocks of a wpa_supplicant.conf file. An
ASCII passphrase and SSID are used to generate a 256-bit PSK.
@KernelOops if I use this WPA_PASSPHRASE do I copy the results into the field in the same place as the cleartext original password into the
same file?
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/17 07:10:12
by KernelOops
I haven't used it for a while so I don't remember how it works. Read the man page for the details:
Re: [SOLVED] - CentOS 8 - WPA_PSK in clear text
Posted: 2020/02/21 05:10:08
by warron.french
@KernelOops, thanks.