After some search I found the little tool nt_password_hash which can be build from hostapd sources. I grapped the hostapd PKGBUILD and changed it to build and install only the nt_password_hash tool. (via this german discussion)
The new PKGBUILD can be found in the AUR: https://aur.archlinux.org/packages/host … word_hash/
So when using a WPA-EAP wirless network with MSCHAPv2 or MSCHAP one can use
# nt_password_hash MY_SECRET_PASSWORD
to generate a 16 digit MD4 hash and store that hash instead of the plaintext password to your wpa_supplicant.conf or netctl/netcfg configsection.
See /etc/wpa_supplicant.conf line 659
I hope I have done everything right with the PKGBUILD
Greetings, Daniel
]]>