24

I'm running gentoo on my laptop, and I'm currently using wpa_supplicant to handle wifi.

My configuration works and I can connect, but it is required to type in the plain text password into the configuration file. This doesn't work if I want to connect to a friend's wifi and they want to type in the password instead of telling me what it is. There's no security with plain text passwords.

How can I make this more secure so that some sort of encrypted password is stored instead of plaintext?

Anthon
  • 78,313
  • 42
  • 165
  • 222
mouche
  • 1,305
  • 2
  • 15
  • 15

2 Answers2

18

wpa_passphrase [ ssid ] [ passphrase ] generates a WPA PSK from an ASCII passphrase for a SSID. Then store it as

network={
        ssid="your ssid"
        psk=outputfromabove
}
Pedro Silva
  • 464
  • 3
  • 6
  • oh great, thanks. Do you know of any option to have it take the passphrase as a linux password where it doesn't show the characters? – mouche Aug 11 '10 at 06:36
  • Do `history -c` instead. – JohnnyFromBF May 06 '12 at 06:54
  • 5
    Or do `xargs -n 2 wpa_passphrase` followed by `ssid` and `passphrase` each on its own line, followed by `C-d`. – Pedro Silva May 06 '12 at 19:31
  • 1
    This adds no security. While the password is not stored in plain text, knowing the PSK is enough to connect to the network. – BatchyX Apr 02 '14 at 20:24
  • 1
    I'm just answering the question. In any case, https://en.wikipedia.org/wiki/Salt_(cryptography). – Pedro Silva Apr 02 '14 at 21:11
  • 1
    This works for the case of the SSID with a single pass phrase (psk=...). Is there a way to do the same for the SSID / identity / password case (password=...)? – AstroFloyd Jul 30 '15 at 09:13
  • 2
    It adds security. My work uses the AD password for wifi. I don't want my AD password sitting around un-hashed. – John Eikenberry May 21 '17 at 02:47
4

Alternatively, you can leave the password entry blank. If you're running wpa_gui, it will prompt you for the password. (I do this with eduroam accounts, as my password is the same as my *nix login)

auspicious99
  • 113
  • 1
  • 8
gi1242
  • 41
  • 1