The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Stefan Winter <stefan.winter AT restena.lu>]

Hi,

> A colleague of me has made an suggestion for an more secure Linux
> configuration in case the first option based with python script fails.
> 
>  
> 
> I tried to translate his explanation: in case the first method fails the
> tools starts a second procedure with shell scripting.
> 
> With this method the password is stored in plaintext in the
> wpa_supplicant config file. Users are informed about this during the
> installation.
> 
>  
> 
> Following my colleague  there is an standard tool included in the
> wpa_supplicant suite which can hash the password in the component
> "wpa_passphrase".
> 
> This has been added in rules 407 en 420  of the attachment.

This doesn't look correct to me: the manpage of wpa_passphrase speaks of
WPA2-PSK and not about user passwords:


man 8 wpa_passphrase:

 wpa_passphrase - Generate a WPA PSK from an ASCII passphrase for a SSID

> Can this be helpful for the developers?

If it were assured that this function actually works with user
passwords, not PSKs, then maybe.

What makes you think so? Does this really *work*?

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature