question about network configuration in wpa_supplicant.conf
Mon Jul 31 04:08:33 PDT 2006
Osho GG wrote:
> Well, I was hoping that wpa_supplicant can use the encrypted version
> of this password :) (like it does for psk).
The PSK is *NOT* encrypted, it's just in a hex format. Anyone can use
that string of hex bytes instead of a text passphrase, and still connect
to your PSK network.
(Every supplicant actually uses the hashed (hex-bytes) value in the
4-way handshake, not the text passphrase. Most allow you to type in
either. Certainly the XP supplicant allows you to type in either.)
> and is reasonably secure as the password is not saved anywhere in
> plain text.
Except it is stored as a LanMan hash by default (extraordinarily easy to
de-hash)... but that's a separate issue.
> Could wpa be configured in such a manner that it can use my linux
> user password (or even root password)
Not that I know of, but why would you want to use the same password
anyway? And if you aren't using the same password, would that make it a
lot less of a problem that it's saved in plain-text, because it isn't
used for anything else?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060731/ef21b8a0/attachment.pgp
More information about the Hostap