OpenWrt Forum Archive

Topic: WPA key, does it have to be just alphanumeric?

The content of this topic has been archived on 21 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
PinkBunny
31 May 2008, 22:35

Hello,

In the wiki (http://wiki.openwrt.org/OpenWrtDocs/Kam … Encryption) it says that one should only use alphanumeric combo for wpa/wpa2 key, however I tried a string of random printable ascii chars (excluding ' because config file uses 'key' format to store key) and seems to work too.
It used to work on official Asus WL-500gP firmware too, even with ', so I am unsure where the problem is and why that wiki recommendation stands.

Is it ok to use random printable ascii char key or there are some other reasons why I should restrict myself to using "simpler" alphanumeric string? (since it's just my home AP for personal use, I use 63 characters key)

Post #2
vasquez
4 Jun 2008, 13:55

It's safe to stay with the recommendation. My guess is since the configuration might be read by shell scripts they could interpret the key string.  If by chance it looks something like "fre2t23re${var}sedfd..", the ${var} may be replaced with nothing and your key doesn't work anymore.

Post #3
xerces8
4 Jun 2008, 15:12

Bugs in shell scripts are fixed by fixing the bugs in shell scripts, not by bending data to fit their buggy behavior.
Especially since shell scripts come with source by definition.
Do not support bugs.

Post #4
vasquez
4 Jun 2008, 15:29

I would not call it a bug, it's a limitation due to the way the configuration system works.
Try this:
uci set system.cfg1.mtest="$0"
uci show
....
system.cfg1.mtest=-ash
....

if you add the line in /etc/config/system you get
...
system.cfg1.mtest=/bin/uci
....

That's not easy to fix, I wanted to point out the failure modes if you deviate from the recommendation.

Post #5
Wodin
4 Jun 2008, 19:34
vasquez wrote:

I would not call it a bug, it's a limitation due to the way the configuration system works.
Try this:
uci set system.cfg1.mtest="$0"
uci show
....
system.cfg1.mtest=-ash
....

That's got nothing to do with the configuration system.  That's because your shell (ash) substitutes "-ash" for "$0" before running the "uci" command.  If you had used single quotes instead it should have been equivalent to editing the file and adding a literal $0.

vasquez wrote:

if you add the line in /etc/config/system you get
...
system.cfg1.mtest=/bin/uci
....

That's not easy to fix, I wanted to point out the failure modes if you deviate from the recommendation.

That looks like a bug to me, no matter how hard it might be to fix smile

Post #6
vasquez
5 Jun 2008, 14:51
Wodin wrote:

That looks like a bug to me, no matter how hard it might be to fix smile

I respectfully disagree. In principle all printable characters are usable, but they need to be escaped. The openwrt maintainers documented it in a way to minimize problems. If you think it's a bug, open a ticket on https://dev.openwrt.org/.

PinkBunny: If you want to use more characters, make sure you escape the ones that get interpreted by the shell, like ", {, } and $.

Post #7
Wodin
5 Jun 2008, 16:57

We will have to agree to disagree then. smile

The discussion might have continued from here.