You are not logged in.

#1 2020-05-06 13:52:11

droidus
Member
Registered: 2020-04-28
Posts: 44

Encrypting PSK in netctl profile file

I am trying to encrypt my PSK in my netctl profile file.  Here is what my file looks like:

Description='A simple WPA encrypted wireless connection'
Interface=wlp2s0
Connection=wireless

Security=wpa
IP=dhcp

#ESSID='x'
# Prepend hexadecimal keys with \"
# If your key starts with ", write it as '""<key>"'
# See also: the section on special quoting rules in netctl.profile(5)
#Key='x'
# Uncomment this if your ssid is hidden
#Hidden=yes
# Set a priority for automatic profile selection
#Priority=10

WPAConfigSection={
        'ssid="x"'
        'psk="x"'
}

Offline

#2 2020-05-06 13:58:17

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 21,410

Re: Encrypting PSK in netctl profile file

And your question is? What from https://wiki.archlinux.org/index.php/Ne … _(WPA-PSK) and the follow up section is unclear?

Offline

#3 2020-05-06 16:17:55

droidus
Member
Registered: 2020-04-28
Posts: 44

Re: Encrypting PSK in netctl profile file

The error is "failed to parse psk '""'".
I tried this, and it still seems to throw the same error. 
When generating via wpa_passphrase, if my password has special characters, can I just surround the entire thing with single quotes?

Offline

#4 2020-05-08 11:46:46

droidus
Member
Registered: 2020-04-28
Posts: 44

Re: Encrypting PSK in netctl profile file

Can someone please help me?

Offline

#5 2020-05-08 12:01:30

Head_on_a_Stick
Member
From: London
Registered: 2014-02-20
Posts: 7,679
Website

Re: Encrypting PSK in netctl profile file

droidus wrote:

Can someone please help me?

Don't do that.

droidus wrote:

When generating via wpa_passphrase, if my password has special characters, can I just surround the entire thing with single quotes?

Just use this (replace $ssid with the actual name of the access point):

wpa_passphrase '$ssid'

Then type in the password (without quotes) when prompted.

Or use wifi-menu with the -o switch to generate a profile with an obfuscated password key (as mentioned on the above linked ArchWiki page).

Offline

#6 2020-05-08 12:26:01

droidus
Member
Registered: 2020-04-28
Posts: 44

Re: Encrypting PSK in netctl profile file

Running wifi-menu -o only prompts for the ssid, and then quits, and no profile is generated.  Nothing is outputted (ie errors).

Offline

#7 2020-05-08 12:31:18

Head_on_a_Stick
Member
From: London
Registered: 2014-02-20
Posts: 7,679
Website

Re: Encrypting PSK in netctl profile file

Did you delete (or move) the old profile for that access point before running wifi-menu?

Offline

#8 2020-05-08 12:41:30

droidus
Member
Registered: 2020-04-28
Posts: 44

Re: Encrypting PSK in netctl profile file

Yes, I made sure to do that.

Offline

#9 2020-05-09 14:50:49

Head_on_a_Stick
Member
From: London
Registered: 2014-02-20
Posts: 7,679
Website

Re: Encrypting PSK in netctl profile file

What was the exact command that you used to start wifi-menu?

Have you tried editing the profile manually with a key generated using the wpa_passphrase technique that I suggested?

Offline

#10 2020-05-09 15:28:54

seth
Member
Registered: 2012-09-03
Posts: 49,950

Re: Encrypting PSK in netctl profile file

The profile is probably still active…

@droidus, look at the wiki V1del linked. Does the hashed psk have double quotes?

Offline

#11 2020-05-09 23:59:47

droidus
Member
Registered: 2020-04-28
Posts: 44

Re: Encrypting PSK in netctl profile file

Head_on_a_Stick wrote:

What was the exact command that you used to start wifi-menu?

Have you tried editing the profile manually with a key generated using the wpa_passphrase technique that I suggested?

wifi-menu -o
Yes.

I am getting this error message:

Line 5: Invalid passphrase length 0 (expected: 8..63) '"'.
May 09 19:52:36 hostname network[14965]: Line 5: failed to parse psk '""'.
May 09 19:52:36 hostname network[14965]: Line 7: failed to parse network block.

wpa_passphrase did not output double quotes.
I do have profile files name with the target, but not exactly the same.  For example, if it's essid, the file would be called essid.orig.  Would this interfere with wifi-menu?

Offline

#12 2020-05-10 05:53:17

seth
Member
Registered: 2012-09-03
Posts: 49,950

Re: Encrypting PSK in netctl profile file

wpa_passphrase did not output double quotes.

Yeah but the profile you posted suggests them. And so does the error message…

If wifi-menu does't ask you to provide a new key for the SSID, you either have a matching profile around or are already connected to the AP. Run "netctl stop-all" before running wifi-menu.

Offline

Board footer

Powered by FluxBB