wpa: use password command
j at w1.fi
Sat Nov 26 01:18:40 PST 2022
On Fri, Nov 25, 2022 at 10:31:59AM -0500, npiazza at disroot.org wrote:
> Instead of having passwords stored plain text in /etc/wpa_supplicant.conf
> would it be possible to use a password command there, along the lines of
> password="/usr/bin/pass name at email"
> psk="/usr/bin/pass other at email"
There are multiple different ways of storing passwords in external
locations, e.g., by not using a configuration file at all and instead
configuring the passwords over the control interface or by using an
external password backend (see ext_password_backend and ext:<name>).
That latter option could be used to implement something similar to what
you seem to describe here.
> The init scheme then takes care of operating wpa_supplicant as my
> user, rather than root.
I'm not sure how that is related to how the passwords are stored.
Jouni Malinen PGP id EFC895FA
More information about the Hostap