[pkg-wpa-devel] Bug#644251: Bug#644251: wpasupplicant: please make it possible to query for passphrases

Stefan Lippers-Hollmann s.L-H at gmx.de
Tue Oct 4 14:47:08 UTC 2011 

Hi

On Tuesday 04 October 2011, Sebastian Harl wrote:
[...]
> Hi,
> 
> it would be nice to be able to let wpa-supplicant query for PSKs /
> passphrases / whatever when configuring a network in interfaces(5). This
> is useful, for example, on shared notebooks or similar.
> 
> The attached patch allows to specify 'wpa-ask-pass yes' or 'wpa-ask-psk
> yes' in interfaces(5). The passphrase / PSK will then be read from stdin
> when running 'ifup <iface>'.

How do you imagine this to work, especially considering the auto/ allow
hotplug cases in /etc/network/interfaces (ifupdown integration)?

Given that sysvinit, just as well as upstart or systemd, have switched 
to parallel booting, you no longer have a (reliable) controlling 
terminal available (/etc/init.d/networking invoking wpasupplicant 
through ifupdown hooks) and can't just query for the psk. Likewise
X requiring dialog frontends aren't possible either, or actually 
even less.

> The querying could also be done using zenity/kdialog/whatever -- if the
> general approach is fine for you, I'd be happy to modify the patch
> accordingly.

The only way I can see this patch working, is if you 
strictly don't use /etc/network/interfaces and exclusively invoke
ifup/ ifdown from a controlling terminal. Looking at your 
zenity/kdialog/whatever suggestion it would even have to share the 
MIT X11 session cookie to be able to display your X11 based dialog, 
which would be totally impossible to invoke from ifupdown.

For this particular use case of not storing a psk to disk, wouldn't it 
be easier to use wpa_cli or wpa_gui instead, or to make use of a higher
level networking interface (e.g. network-manager, wicd, or a simple 
custom tools or dæmon making use of wpasupplicant's D-Bus interface)?
A simple example of how to use wpa_cli from perl would be [1], likewise
you could also set up a temporary (unsaved) network definition using 
it. 

Regards
	Stefan Lippers-Hollmann

[1]	http://svn.berlios.de/svnroot/repos/fullstory/ceni/trunk/lib/Ceni/Backend.pm

More information about the Pkg-wpa-devel mailing list