On Mon, Nov 10, 2014 at 05:07:25PM +1100, Trent W. Buck wrote:
I just installed wheezy over WPA and ran into #694068.
While investigating that, I grepped for my PSK across /.
I found it in /var/log/installer/cdebconf/questions.dat under
netcfg/wireless_wpa. It is stored in cleartext; the file is only
readable by root.
In templates.dat (same dir), I see
Name: netcfg/wireless_wpa
Type: string
Description: WPA/WPA2 passphrase [...]
Since it's a PASSPHRASE, shouldn't it be Type: password?
Normal users cannot read questions.dat,
so I don't think this is an immediate problem.
(FWIW hostapd's wpa_psk_file option lets each device have its own PSK,
so when Mallet is sacked and his PSK is revoked, he can't simply spoof
Alice's MAC and use his PSK to get in. I don't use EAP-TLS client
certs because support for that is depressingly limited.
This means my PSKs are more secret than your typical home network
where there's one shared PSK that everyone knows.)
That discussion popped up earlier. The problem with Type: password is
that you don't see what you're typing in d-i and this may be desirable
given long complex passphrases (the over the shoulder attack was
discarded). Sadly there's no easy way to toggle display in debconf
(yet).
But then this is the first time I read about this use of PSK instead of
normal EAP keying.
Kind regards
Philipp Kern
signature.asc
Description: Digital signature