[Bug 1819831] Re: broken generation of wpa config for hashed passwords

Launchpad Bug Tracker 1819831 at bugs.launchpad.net
Wed Oct 2 21:54:51 UTC 2019 

This bug was fixed in the package netplan.io - 0.98-0ubuntu1~19.04.1

---------------
netplan.io (0.98-0ubuntu1~19.04.1) disco; urgency=medium

  * Backport netplan.io 0.98 to 19.04. (LP: #1840832)

 -- Mathieu Trudel-Lapierre <cyphermox at ubuntu.com>  Mon, 26 Aug 2019
16:41:36 -0400

** Changed in: netplan.io (Ubuntu Disco)
       Status: Fix Committed => Fix Released

** Changed in: netplan.io (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to netplan.io in Ubuntu.
Matching subscriptions: foundations-bugs
https://bugs.launchpad.net/bugs/1819831

Title:
  broken generation of  wpa config for hashed passwords

Status in netplan:
  Fix Released
Status in netplan.io package in Ubuntu:
  Fix Released
Status in netplan.io source package in Bionic:
  Fix Released
Status in netplan.io source package in Disco:
  Fix Released

Bug description:
  [Impact]
  netplan users configuring a wireless connection; who would like to use password hashes for the password (ie. they might not know the real password, etc.)

  [Test case]
  Write configuration for netplan wireless interface:

  network:
    version: 2
    wifis:
      wlan0:
        access-points:
          MyAccessPoint:
            password: hash:83d…0b11

  Verify that the wireless network can be succesfully connected to.

  [Regression Potential]
  This has a minimal risk of regression. Passwords do not typically include "hash:" as first characters, and if so may be escaped via quoting. This does not otherwise affect any other feature of netplan, and is limited to allowing users to use the commonly accepted format of hashed passwords to pass to the renderer, for connecting to wifi.

  ---

  Have a look at the netplan.io config file at
  https://gist.github.com/fluffy/e2a202a0816299d519dabf7bbed2f7bb for
  802.1 auth for a wired network.

  This will generate a wpa config file at /run/netplan/wpa-enp4s0.conf
  that has

  password="hash:83d…0b11"

  However, this is not correct. It should not have the quotes and should
  look like

  password=hash:83d…0b11

  The quotes cause the wpa_suppicant to not detect this is a hashed
  password and instead think it is a normal password that starts with
  hash:

  This is an important bug because at Cisco we can not store our
  passwords unhashed on disk and our production network requires 802.1x
  auth. I think this is simple to fix and I'm glad to send a PR or any
  other information that helps fix it.

  Thank you for looking at this, Cullen

To manage notifications about this bug go to:
https://bugs.launchpad.net/netplan/+bug/1819831/+subscriptions

More information about the foundations-bugs mailing list