On Mon, Nov 10, 2014 at 05:07:25PM +1100, Trent W. Buck wrote: > I just installed wheezy over WPA and ran into #694068. > While investigating that, I grepped for my PSK across /. > > I found it in /var/log/installer/cdebconf/questions.dat under > netcfg/wireless_wpa. It is stored in cleartext; the file is only > readable by root. > > In templates.dat (same dir), I see > > Name: netcfg/wireless_wpa > Type: string > Description: WPA/WPA2 passphrase [...] > > Since it's a PASSPHRASE, shouldn't it be Type: password? > > Normal users cannot read questions.dat, > so I don't think this is an immediate problem. > > > (FWIW hostapd's wpa_psk_file option lets each device have its own PSK, > so when Mallet is sacked and his PSK is revoked, he can't simply spoof > Alice's MAC and use his PSK to get in. I don't use EAP-TLS client > certs because support for that is depressingly limited. > > This means my PSKs are "more secret" than your typical home network > where there's one shared PSK that everyone knows.) That discussion popped up earlier. The problem with "Type: password" is that you don't see what you're typing in d-i and this may be desirable given long complex passphrases (the over the shoulder attack was discarded). Sadly there's no easy way to toggle display in debconf (yet). But then this is the first time I read about this use of PSK instead of normal EAP keying. Kind regards Philipp Kern
Attachment:
signature.asc
Description: Digital signature