0
I have a basic question which has been bugging me for quite some time.
I will update my router to WPA2 soon (about time) but I also want to learn to use wpa_supplicant in case I need it. I found out I need to configure the wpa_supplicant config file, but the psk line has been bugging me. I do not know if I can just use the 'password' I have on the router, or if it HAS to be generated by wpa_passphrase.
Thanks.
p1xel
Posted 2013-11-24T08:15:48.157
Reputation: 420
1
It does not have to be configured with wpa_passphrase. In fact, the very first example of the Manpage for the wpa_supplicant.conf file is:
QUICK EXAMPLES
1. WPA-Personal (PSK) as home network and WPA-Enterprise with EAP-TLS as work network.
# allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
#
# home network; allow all valid ciphers
network={
ssid="home"
scan_ssid=1
key_mgmt=WPA-PSK
psk="very secret passphrase"
}
#
You see that in this case you are free to add your password in clear text to the file: the " " means exactly that, the password is in clear text, and that it will have to be hashed for it to become a proper PSK.
wpa_passphrase generates that PSK from the ASCII password (and from the SSID), a step which is automatically performed by wpa_supplicant when presented with the clear-text password between apices.
I would also like to stress that there is no extra security involved in storing your PSK in clear text or in hashed form, on your pc. Any half competent attacker grabbing hold of your PSK will be able t use it to connect to your wifi system, without even bothering trying to re-construct the original clear-text form of the password, an impossible and useless task.
MariusMatutiae
Posted 2013-11-24T08:15:48.157
Reputation: 41 321