07-14-2019, 01:24 PM
(07-14-2019, 09:18 AM)ghoeher Wrote: Just a quick thought. Maybe it's stupid b*llsh*t or to complicated to implement
Why don't you just save a hash value of the password in the database and compare against it.
Then, when loading the Network config page, just load the hash value to the psk field.
If it did not change when saving, don't change the psk in the wpa_supplicant.conf. If it changed, the new value is the new psk which should be written to the wpa_supplicant.conf and a new hash has to be created and saved to the database.
Then you don't have to save obscured passwords in the database any longer.
For the hostapd.conf, I don't care about the plaintext password. If this is hacked, you can connect to the moode-system but nothing else.
Maybe I'm a little bit paranoid, but the psk in the wpa_supplicant is the one of my WiFi where also other systems are located, so if this is hacked, access to my complete network is possible.
The hash scheme would prolly work. I'll look into that approach.
The main issue with having plaintext passwords lying around is that people will often use the same password for authenticating to multiple services.
