From nobody Sat Jan 11 16:14:16 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YVk9p0NpDz5kXM8; Sat, 11 Jan 2025 16:14:22 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: from mail-wm1-x32e.google.com (mail-wm1-x32e.google.com [IPv6:2a00:1450:4864:20::32e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YVk9n0Xn7z4kKx; Sat, 11 Jan 2025 16:14:21 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=jatHhd88; spf=pass (mx1.freebsd.org: domain of grahamperrin@gmail.com designates 2a00:1450:4864:20::32e as permitted sender) smtp.mailfrom=grahamperrin@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-wm1-x32e.google.com with SMTP id 5b1f17b1804b1-43635796b48so18949045e9.0; Sat, 11 Jan 2025 08:14:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1736612058; x=1737216858; darn=freebsd.org; h=content-transfer-encoding:autocrypt:subject:content-language:from :to:user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=pMgJESoMXLAEsfLq3OgSSIyQrEJ8Jht332e/9U6OQu8=; b=jatHhd88tPKyPTL5mNCznm13r684RYm5nRlL0xRM1SuJAU7VP6zdOhyBBx6Ph1GjlL GRHDQOqynP5VgUy7eoyqSRTbRpnOuQNMEJIgSdD7RjHMrrT6OGAEdPr0NU/zCVv7TXm/ rqhqhVltttNXAnTU9VeVYb/qK623sK22n63t1PE7jlQsHBfASw143CdhaxdMAGtwm3M9 2LYUpGp+Ixvsj/i3lf0I68lLTLpa2xnZzksknMkgB/F06zQLs7qUBchH942RhJlZtUMB H0vgFMcMVpDHqmuif8b1hRHi5AKftiq57C3WuZF7F5V2Zi2lEL+DQAZbKp40CXzzXnxy IuAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736612058; x=1737216858; h=content-transfer-encoding:autocrypt:subject:content-language:from :to:user-agent:mime-version:date:message-id:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=pMgJESoMXLAEsfLq3OgSSIyQrEJ8Jht332e/9U6OQu8=; b=SiLvLoawfeaFC0shU20vzlmkkSmc7UmN3F42Pkv+4WejnC8bK0wyjCLRm/4nMXLZgS Og+sK0VEcIWom6l7/4luY52RSaG4euloAuszmZN/M+AUyWKS1gaUcCBJmJjM/m+b9lOj Byg+zJutwBAcjf6P5nlmG70JEneWtCeg1rf2mkcbwE1n8CwJuICeFbEwduzkU7liTPsU Qpij5FAzobdSr4YpD8NwQZAlW3iAwlyRyO3JvGg1+Y8CtKGJ36wvWDFKf9xZIcmDbvOE DHG3IHznc+r1Piaty85inwq+Ye0XAiM4u98sjGofIWvSU0A5i50tv1buK+AABjggvpa9 cTNg== X-Forwarded-Encrypted: i=1; AJvYcCXgJlErW5wjbhzaMyORldJvtqnhqFpdlcahAFZA4QDa6gstuuqMjpJhNYXmFgT4nEfnPMQk1zUsLfCUaaKuhzNfJuhuzw==@freebsd.org X-Gm-Message-State: AOJu0YwNMXXJPgIptaNtSj32HHjXa74KEKu7oJsoyVatyTXDYKFj9hgC vQZkFJ/E8+zEtYWnQEv4Ds6XMNFrGAbB0AuX9zSFZuZD2xVHr6Xp50qCxg== X-Gm-Gg: ASbGncvfVOuzPk9Nv1WDjsJb/XY+80hrqwO5ZXh8VKZh38mw9/+6zhDx1/yZcYdiqFu ghnAxtzty+hLcNX4firGHH3AYLkxkr9grBbuKXXJTyA1NDqdtOykCCRFnQzMZSqqJ8d46krKmfm vmlbpfSWSn0F/erW1l0vjoF0qaXo8w66NZ67fqUUwclIq097nCj2xmIpOwM80X/AscC0rs8qeg3 6AwbVueYhJ1jn8xvBCy05Zs7xlyc0+VJywNWiWufqWfLGp7VHU7bTSiBOhr3SP2ZjlIC8p45FkB Oxt24KHk9ev6WQ== X-Google-Smtp-Source: AGHT+IG4Qg4+Qf1LdNRTRmDG3MFryZXkt9TuitoQ+WMxfdo5EZHZhT8i5ooKcloRYgwJji9RL2qfnw== X-Received: by 2002:a05:600c:3b86:b0:434:f3d8:62db with SMTP id 5b1f17b1804b1-436e9d6963amr88635715e9.2.1736612057781; Sat, 11 Jan 2025 08:14:17 -0800 (PST) Received: from [192.168.1.10] (host-83-67-217-90.as13285.net. [83.67.217.90]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-436ed48f4b2sm73360785e9.24.2025.01.11.08.14.17 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 11 Jan 2025 08:14:17 -0800 (PST) Message-ID: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> Date: Sat, 11 Jan 2025 16:14:16 +0000 List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: freebsd-desktop@freebsd.org, freebsd-enterprisewg@freebsd.org From: Graham Perrin Content-Language: en-GB Subject: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam Autocrypt: addr=grahamperrin@gmail.com; keydata= xsFNBGKYt7ABEAClu83dJ3ZKfVgPOk9YKRv0Z+dl2b88+k9R4vwAmElgguYdKE7yhnQNhhWM v9vi6AFrBMc2oJdVHJ2OrXfwpELBFIgiSMEWNsC4e+Z3HtSajcl+pFZsP7ciiSoycj/w3wIV kAZoVGbhyIbNG7fbCEJ8q81TbfsGypV3bRmbZVvGNecBguYiooBtz2Qht1p3itXMkIA6P9pS YDl+6QddZLyUUAjAnFv2QDoYSHLnaDUWw4oONZsB0SKVu8jMIBh4uJZoYEOvdvc9jQQdOpA2 CAgA6ulfm42Ikr9lKBUUCtjqiWAhJ7iXOTyHAIdR4Mf8alCE6tdTq6dHdIt+GktTY7oYNyL2 3aD3C7I5waU0SFXvJcOMG10QLfwYQMOQoYQ9XJ0U5A28WYiDcylDdUWT7SappP1e1ZMeJWWO y14mxxNzHaJSI4rK8P/p5tp3Q7SSC4k5gMh9zKba3K2ApCWNbVLGvXsJeQkZZNvu70tE81ey AHI5iZcB6D7WaHysBUmsKaEpbcmm1ZThTnGL0SHEl5to5Jab5Fg6O+Cnly5sVz5lX/v8Aosx kKNei7SCVqXOVtteQeGxWbXWbhPgbMyc0Gi3DuxBI/yvJ43k/rJysQlLGLWfJx/UXprwLluC PDK9EvKEB+fD1Z349uzp1sKr3ihpySbyKI8fpudftnAz4EsoCwARAQABzSZHcmFoYW0gUGVy cmluIDxncmFoYW1wZXJyaW5AZ21haWwuY29tPsLBlAQTAQoAPhYhBFk/5bLDBwftvJcvCrdn SG9KGNQLBQJimMMBAhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4FAheAAAoJELdnSG9K GNQLbHAQAJi998y42bEbq5HmABYovmAEtQj33YSUWyc9QRmAHpN8Er3lTKsgmZcVChB5Fu/d go2oYynDjlVpA7+wiSmg4AG78mOYbg/e19XMhrH0keDKqZXFkU+G7agR0mF09qvpQZ9MTJYZ 2u7FtytZK665UfipOdV8eGn2hFC/WynjUwEzKyryBgbbLAEbfOPeZNry4h2ZPWbtTvx/PE/V X3Vh2oGqYx69DCGz+0xEhy62ZKbkX5SL8LUf/1WViyCVzsHasFxmFxYPWIfBy8ayQ7xapz7M cSXSQyu4oDT4qh9eZiGP9/aAcZKHcV6t9y77JGhUJ/5O1sANKMa3YhgimE+Z86LHYa1IH774 PHj1nAXBwS+Cj/1l/NQoQcyjvOj8zuCsMJVaLMb6B46YsReP4+3yBLpyeBC//t6zWPbgAkWW VjROC0dXUAMTFpnA6NZe3UghG+Nc4fnCLGOhc2nyWFYHIaYV6Hv1ITFSem9DdeNnR1CFm1VM TJ7i7TuqYM+WZTkoUsTf4c46hS/ZNJZSCxh0s9yYr+BYk3XBbd+ElaZ1dJE6cuSVdw15+P2h DnprurxC4byl4YFkn+UAVvQsOgeq6aSHLOHX0weYu1OLoiPYsTdyGhne72+kDhEEdFD5aHdQ PFrbQIrqWLV0a04++0ZwGpNvXtgnWhDdAQJDwGsSSwbLzsFNBGKYt7ABEADRb1tZuh7DPYET 0wK6fe7owbYgM+RfKhmcrGgR2HI9M2q6+0WKF/ITnggWdIW2Ecc4z2boLz/cwvPGCS7/YxZM 61KklGCwuS7q1s04XnHDWHuFxfXQPzAdVmNO3bYoMZbJjHXs6sB2u5ksiwPwaMAWWaGkviSj c5pwvHCiTmX5vH5CBj/Vi+5ESyX38vK4JM5S/m4ouI/6M9biyFgimV+v3vVyCxJCT1gI9g4o GIh1qq5S433b1fihn4yHPf8XOKyBpA/QcwLONViBqJL5nnOxpsh344rNxn2R7CcRzzicOV+e 2IbMem4lwNWQlZKoRotKXZi9LqN5mynSBYqAUdoZum0QinWT9F22B0Qex5PH1zAt9i2W91Vd kcPB3LwkRXj07ycRtsSzpgPA6fLc6AsoWFslHl8kVOO5eJIA4xhjlPa+W8lguQHZ0iX+5uAv 2eAgXR2swADuHPuENNFStmsgAMl8OOOgtq75yA5TpyIzxMuXV9Nmp0VfIaUM/IdLdmxhc1pC c320l5fYMHVLFAReWEbSj2QH8YzWfpXHIegutWWYEbH9SiDXgS9KoKmCJV/Qa+x6/b8y3pOZ vnIbCDaynC2Yr50s8gRa9kb54JE8Z+p8r16U3SEsK3PtUi0RF0e51danCVHrrE6/Hat2XUO/ 6nnYgVgFOrLao6Gh/VMs8wARAQABwsF8BBgBCgAmFiEEWT/lssMHB+28ly8Kt2dIb0oY1AsF AmKYt7ACGwwFCQWjmoAACgkQt2dIb0oY1Av7qg//YjCZg8VXyMzXssgIQpROKKqh5V0UBSQl rM3tq4tWhyg0HVMugQj0Om+iNPsEEOGHkm6tyhHMzlKGpAc/l0iAM+8twIyg44Yo5+DcfFXr OMTbTw9T9jDsWOkOBksxy29iYhgpqpWdDBnhXvrJp/FNAiX8CfzrIOZeFPydDoEiKBEXAxfe a9o5J/JeVnZiUeoiFe7i68nZGsb4JxhPczNfqW12t0Ll5/ibjszg5BgjXiLao0KqbWNh4bS5 CVwH90Or+5qqWgzWPeBiuz+rN2QXE/V/fL44GEj1YKASCqmaiYRgjoRFubz1aq1wCXMXY3Iq d4525rscUgS7HBxbblnyTodUPaamN/2nSzcmE/Pkx8MApDSgZCIhs0RTAg+/AoX4HULV1rSE TQwMrBEQt84Tw5W5rHsvXKr4ZEsJUpbPLWYTISsp23nHR+vZtL/Ug+OWCmHC7X7D21xk/xVJ 4sA1RLJBKdCHtnyA4Unv/kNS1KVGxHnITVyw1a71QJADu4qsdtM5u6CyYUhqhM1oseWtV6j+ Qi8KC/G4C3AgZf06fe2fVl42z2grTabL4bC6FQXMwTX2dsm5NakWjUCmUL8uwsQE7ZA4zKxo EYI1YV9q1birpzncYRupr1qnMoggMUHWq0IBYshFQrEO8PeVUZBw7/GfAeh3argdw2Qu748T Cyw= Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4YVk9n0Xn7z4kKx X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; RCVD_TLS_LAST(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MLMMJ_DEST(0.00)[freebsd-desktop@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FREEFALL_USER(0.00)[grahamperrin]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::32e:from] I'd like the Foundation to have an issue (story) for this in its Laptop Project, . In for wpa_supplicant.conf(5), the example for eduroam uses a clear text password. I'm not aware of a method to have the password saved without clear text. The password should be truly private, for my eyes only. Not for the eyes of any other administrator of an installation of FreeBSD. was mentioned in an Enterprise Working Group (EWG) context in FreeBSD Discord in August 2023, . Thanks From nobody Sat Jan 11 21:02:31 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YVrZj5bf9z5jmF9; Sat, 11 Jan 2025 21:02:53 +0000 (UTC) (envelope-from dch@skunkwerks.at) Received: from fout-b2-smtp.messagingengine.com (fout-b2-smtp.messagingengine.com [202.12.124.145]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4YVrZj1xjlz4KDC; Sat, 11 Jan 2025 21:02:53 +0000 (UTC) (envelope-from dch@skunkwerks.at) Authentication-Results: mx1.freebsd.org; none Received: from phl-compute-02.internal (phl-compute-02.phl.internal [10.202.2.42]) by mailfout.stl.internal (Postfix) with ESMTP id DF37B1140123; Sat, 11 Jan 2025 16:02:51 -0500 (EST) Received: from phl-imap-02 ([10.202.2.81]) by phl-compute-02.internal (MEProxy); Sat, 11 Jan 2025 16:02:51 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skunkwerks.at; h=cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1736629371; x=1736715771; bh=Y0hl1zrU0zA1bAMxP8wR/PFTXHv8v5sr0qx2l/twsKY=; b= AHaxrRNXgor1Sdof/vgbPm3KDtTyaw3K1fxAlZ9NgcCeRgzVinLpn1+Y0Crqx3FY sAN65Ko1SG9xAtEbszndPYPUsqwIusjd+Zy1BuHyxIKSBUYXrxFh5VZDRuKDsCQG xk0FpxTKMlMjBDFAiJgGIKZGbK1VtXslKbHfsJe4Yl7iwaA+dxWkoJOl4j1I20Xa D6e7lH5eDndB5TS4YMfOrNWkHJk7ekr+JOJBfcByaGgh+O2D70O1kr8fyf9lp6qC EeKS2XbEzo6XIWAUSksK5cvAiakDPvNjvJ2n5sNVo+B+xHh0WC/oJ1CgNNLN894j 4FrDjRvlljFYDHDZlblwnQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; t=1736629371; x=1736715771; bh=Y 0hl1zrU0zA1bAMxP8wR/PFTXHv8v5sr0qx2l/twsKY=; b=lwE69YBF0NTfoTdXK fzb18Crgqe8viync/pJJJcmMQfM3GLPqFTEwb3LmgOuTwqBExGvW2s+fwvD4RJ4Q fRSoCCYnqamgLvVtsZojq0+M2GGsp/r3ebCY7bv2aEhFCYXPto8lJRlS2J7+azTX bbX9X0WBY4IEJeE98tLhGoZPfj4roXwMVqU5f97nK1zH4NtVRx+lJpAzNBIXLsVL frJJZit+OEsQUeiXsD83kXFay4eLW20Z2MflrhSMAB1tnc9wT3VPZ6k8LbXQH4IR 1DEY+rKcAovMaoBAN9XPHZJdLSKq/6fLlYzgSaT0IiQpWgsPlWrsZWVFGu0du7Io AVQtw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefuddrudehtddgudegtdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivg hnthhsucdlqddutddtmdenucfjughrpefoggffhffvkfgjfhfutgfgsehtqhertdertdej necuhfhrohhmpedfffgrvhgvucevohhtthhlvghhuhgsvghrfdcuoegutghhsehskhhunh hkfigvrhhkshdrrghtqeenucggtffrrghtthgvrhhnpefgtdfhtefffeekuefhteefhfet tdffueekgfefgffhfeeuudeiieeluddtgfeutdenucffohhmrghinhepghhithhhuhgsrd gtohhmpdhfrhgvvggsshgurdhorhhgpdifuddrfhhipdhfrhgvshhhphhorhhtshdrohhr ghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegutg hhsehskhhunhhkfigvrhhkshdrrghtpdhnsggprhgtphhtthhopeefpdhmohguvgepshhm thhpohhuthdprhgtphhtthhopehfrhgvvggsshguqdguvghskhhtohhpsehfrhgvvggssh gurdhorhhgpdhrtghpthhtohepfhhrvggvsghsugdqvghnthgvrhhprhhishgvfihgsehf rhgvvggsshgurdhorhhgpdhrtghpthhtohepghhrrghhrghmphgvrhhrihhnsehgmhgrih hlrdgtohhm X-ME-Proxy: Feedback-ID: ic0e84090:Fastmail Received: by mailuser.phl.internal (Postfix, from userid 501) id 56BC5B0006A; Sat, 11 Jan 2025 16:02:51 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 Date: Sat, 11 Jan 2025 22:02:31 +0100 From: "Dave Cottlehuber" To: "Graham Perrin" , freebsd-desktop@freebsd.org, freebsd-enterprisewg@freebsd.org Message-Id: In-Reply-To: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> References: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> Subject: Re: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4YVrZj1xjlz4KDC X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] On Sat, 11 Jan 2025, at 17:14, Graham Perrin wrote: > I'd like the Foundation to have an issue (story) for this in its Lapto= p=20 > Project, . > > In=20 > =20 > for wpa_supplicant.conf(5), the example for eduroam uses a clear text=20 > password. > > I'm not aware of a method to have the password saved without clear tex= t. It looks like it=E2=80=99s supported since a while. https://w1.fi/cgit/hostap/plain/wpa_supplicant/wpa_supplicant.conf # mem_only _psk : Whether to keep PSK/passphrase only in memory # 0 =3D allow psk/passphrase to be stored to the configuration file # 1 =3D do not store psk/passphrase to the configuration file #mem_only _psk =3D0 See if https://www.freshports.org/net/wpa_gui/ helps make this a bit eas= ier, or if wpa_cli is available maybe this can be lightly scripted. Dave From nobody Sat Jan 11 23:47:21 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YVwDm4YF8z5k2W7 for ; Sat, 11 Jan 2025 23:47:36 +0000 (UTC) (envelope-from tomek@cedro.info) Received: from mail-yb1-xb30.google.com (mail-yb1-xb30.google.com [IPv6:2607:f8b0:4864:20::b30]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YVwDl5wVYz4cL2 for ; Sat, 11 Jan 2025 23:47:35 +0000 (UTC) (envelope-from tomek@cedro.info) Authentication-Results: mx1.freebsd.org; none Received: by mail-yb1-xb30.google.com with SMTP id 3f1490d57ef6-e399e904940so4889154276.2 for ; Sat, 11 Jan 2025 15:47:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cedro.info; s=google; t=1736639255; x=1737244055; darn=freebsd.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=dzdyA7A2isaNzHo6GCsKPOG9fbFPgkANlLJx70vF9Ms=; b=haOL5ACcnIsyuwBzxH9/mrB7DgiPxo9Gql/94LFx9n/RhozK4mdG/wZGzoejmLCb82 ApAibmVosGgNVdOnD629oZI1xcN1EVmkRe/quaA4+YfrTxnUaN1I9EOaT1N2On0ArFhi hm5yKJQ2aJ/w9G8QFaySMwSoMo3DQlwAT/pSklBkVokDJavFhGs/c/gxcYxlqUnLADCN 9PR6TgbwQQy7WIn+DhKCwOO5OhVyvpSfJyCV4/GZluhy6JQRl6mvbpQYP7ithq8XltDv WH8sA1asZCmDBFYW8YKre+iQYwVOPQuT2TAQ1ZvdHkM22HARitTnqVGeq5uHcav4jvtE P3nA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736639255; x=1737244055; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dzdyA7A2isaNzHo6GCsKPOG9fbFPgkANlLJx70vF9Ms=; b=P21gziYXva4bBVa0DHVkENifO9+ZFnHW4uHZ5qCH0BxPYImCfiAxoMAPLhTYuHiewp b3TX9kBW73HIdp6bLkaaITz/9vihMOigvtISPq+2grtUFZbwBLu7D/mZAKW/HbSgQoFL ybbJBvgbCMJ02tX8Eu0Pt76AXZs05uXQq01ONosgrMezwph4zUsdhYB1gbRDoVjOjsQ+ hO3T1+PekYJdROxKT7+Ji3P/CTz69XOhrsULWdf4jfzk45M3njNOZnkfUnNtRo9lTn9K fbDfurSDQXFvoxYkZBteD/q65dB4ictz4aKapSi8DC3A26q5H29v9aM0WTJ/1zi2lUzB mPKA== X-Forwarded-Encrypted: i=1; AJvYcCXSfAB47BPY6cTn/ILKZr9emsKVeZgIZf15Ttfw0h80/HVb/ZOowLmP1yN0aLYZAISt3uLIlXhgQUceAnwJ17xE6R2QuQ==@freebsd.org X-Gm-Message-State: AOJu0YzWebbYTI/A6kxRcgHPY3tb7RRO23PgRg1RyccJIS3RGiUFAZts ojXLnWDR9AjnaR0/w+Y+GoAE2af35geWJVlhWPlnQ/OHLXom0zv9nzWD8N1Inpia1n5kINA3CTI = X-Gm-Gg: ASbGnctKQGP1mUtLzZLl9vAtUVbgyERX43cbFogIyNLIIUY7cN41O2vdcuHd8iIfTAI eMmVcmPuEoP7rTvkCCUpdUzBzdi3AQikvggkP+7p4LdK7uXd3pcDYScB6sBS4A60C09SWqkxnd+ 1cftsoNsCd25sATvmNm0m3yx6MQ18xVSq+reOLAiUKGvVzYeUyBMyeSfYdwCt9USIAjACIEH2ps LJTYmzEaESzMyCuslHi29hUw7ZK2WYzGrBuosv8gO5i8kqafsjXEoyhBPd5eDAQKk9RfFyZQGb5 bY93up5ojGvXlEXbww== X-Google-Smtp-Source: AGHT+IF9+f19x8PlgTmPcRRy6Bu1ukErkrVSJdud4OPRdd2C/xVzW06FzbVrD+xcP/hAAzTtrwrafQ== X-Received: by 2002:a05:6902:2b8e:b0:e57:3714:3d1c with SMTP id 3f1490d57ef6-e57371440a5mr2772829276.25.1736639254790; Sat, 11 Jan 2025 15:47:34 -0800 (PST) Received: from mail-yb1-f172.google.com (mail-yb1-f172.google.com. [209.85.219.172]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e55be268d10sm953477276.47.2025.01.11.15.47.33 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 11 Jan 2025 15:47:33 -0800 (PST) Received: by mail-yb1-f172.google.com with SMTP id 3f1490d57ef6-e46c6547266so4662217276.3; Sat, 11 Jan 2025 15:47:33 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCXBw0PzA2DqH1SAgepIwzA5dVWhwrA+UtrNNU6OpfB50GB+a9A2DdQYxxt2SxvQwafHu1gV91NLAFAQVOrSWXG4z4PRPA==@freebsd.org X-Received: by 2002:a05:690c:31a:b0:6ef:7370:96ee with SMTP id 00721157ae682-6f5312209femr126188707b3.12.1736639253204; Sat, 11 Jan 2025 15:47:33 -0800 (PST) List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 References: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> In-Reply-To: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> From: Tomek CEDRO Date: Sun, 12 Jan 2025 00:47:21 +0100 X-Gmail-Original-Message-ID: X-Gm-Features: AbW1kvZSPg4dc_y5wpTGZMLYOvmve7ZfCj2QsWlN4KJ_floVm11PH3AKVFN4hgk Message-ID: Subject: Re: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam To: Graham Perrin Cc: freebsd-desktop@freebsd.org, freebsd-enterprisewg@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4YVwDl5wVYz4cL2 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] On Sat, Jan 11, 2025 at 5:14=E2=80=AFPM Graham Perrin wrote: > I'd like the Foundation to have an issue (story) for this in its Laptop > Project, . > > In > > for wpa_supplicant.conf(5), the example for eduroam uses a clear text > password. > > I'm not aware of a method to have the password saved without clear text. https://man.freebsd.org/cgi/man.cgi?wpa_passphrase ? :-) --=20 CeDeROM, SQ7MHZ, http://www.tomek.cedro.info From nobody Sun Jan 12 08:36:24 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YW7z32cMxz5kGlk; Sun, 12 Jan 2025 08:36:31 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: from mail-wm1-x332.google.com (mail-wm1-x332.google.com [IPv6:2a00:1450:4864:20::332]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YW7z12g9zz49l0; Sun, 12 Jan 2025 08:36:29 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=cnd5Uty8; spf=pass (mx1.freebsd.org: domain of grahamperrin@gmail.com designates 2a00:1450:4864:20::332 as permitted sender) smtp.mailfrom=grahamperrin@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-wm1-x332.google.com with SMTP id 5b1f17b1804b1-43690d4605dso23554955e9.0; Sun, 12 Jan 2025 00:36:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1736670986; x=1737275786; darn=freebsd.org; h=content-transfer-encoding:in-reply-to:autocrypt:content-language :from:references:cc:to:subject:user-agent:mime-version:date :message-id:from:to:cc:subject:date:message-id:reply-to; bh=Rjd/S6BcA40qeUm70ruWOZvNM7+ETypfWvU0abcJPRE=; b=cnd5Uty8L2Tf2qo6Qm8cjFy1he0p1DG+h6JVyXCHIvfMTM7CLqOKcDNLwaEAPk39YP AcFnMpPOqXp1bgtMMQ1aYEbNkiOhmVBIG8eAEUSYmh1q+JBcQgTo1AXAf+zWBFYHRJ9y yuDlKrsGQiYxAg6EJanKlFuOWi+feosg5XZshhoeZQtKalmBjYnc7oPruNIHwedMGtPz inUk+abDAxdc3+UJYMBD826K1ck5EipbCuO2VtBYqFPlxpTJnz/o4iFXRxM94tGBpGN6 kX53585OdW+G98AeosrbrzstWysLnDO7HW7JpFlKbcvxHKIc9tzVEgWXmjrbZ83R0/fb pMQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736670986; x=1737275786; h=content-transfer-encoding:in-reply-to:autocrypt:content-language :from:references:cc:to:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Rjd/S6BcA40qeUm70ruWOZvNM7+ETypfWvU0abcJPRE=; b=GxeFF5ziKXvaSkR1MDarGrCxCiHjBfsOsHNuYQ7I33Is6/fPbXDopX0zJdR08gQ+qy gLNLvyrQ0NkekuPp4j/PmtAcP6uDIWumVqa6zveJ+m1VHibdPWHYiRNHJU6pzIm9MImY lI+K6lybS7PxuX6XskeE6rbaqIr4ROrla0qAWNuL5ZOQdGqg1EGQGrinb1SGJ1+2sXgP 0qrojQOVgCcWoAZCAcGIz3GZrCX4I00bLCwVLDNt8hWEkXJEUxs9EGW+bYFH/YORRpnj lIaxkt/lCF7COLO4PNjx/xEztskZ/cX/X+P1kFQZc6IVrGJgUcZHYAMhHTvXsrgOVSHG idtA== X-Gm-Message-State: AOJu0YxEDGb6nCvfvKnFj3r/j15D7YPooDaZLdittHsj3iHQm3UAipFc EwYvBtu3C28NpFXmOH/z0qzf2MEgunbMO9RiGLSPyfeG0qTnMX3m34CmCQ== X-Gm-Gg: ASbGncty2lDM5hrXmdZVikAl5bqMIt2jwkS0d24T37wP4Yy5B7tfaIrAHusbCiD8I9v XyPLp16+2O6w9JQQkyp/ef3WsR7dvSo8X1NUxFC5i8jVZyzWvxrflpoh0T9V9FmLzlcwXNfFdZP H6Ruf/yks7iZDaYkskdD5qL32Kcg6VWcqfXgEnIQG5jlx+7gSPnNVAjxUX8AuDXx1AMnTdUO64Q AydwNVZv5BuVYPg0J5HE7M/hkashRbQ6jZptpOQBxfJrLdyPSqO4hX8aZDykPj2Atzf/JaDk21m ZBSs6PH348U6Bw== X-Google-Smtp-Source: AGHT+IHEUbcV7ZRavwWnRF8zmxe6RlBLAXDcu6TOp8q8vXzPkM3+osAJHsfwtSwufzreQdYe2PE54Q== X-Received: by 2002:a05:600c:3c97:b0:436:840b:261c with SMTP id 5b1f17b1804b1-436e26ab54fmr136198025e9.19.1736670985675; Sun, 12 Jan 2025 00:36:25 -0800 (PST) Received: from [192.168.1.10] (host-83-67-217-90.as13285.net. [83.67.217.90]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-436e9d8fc51sm106163785e9.7.2025.01.12.00.36.25 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 12 Jan 2025 00:36:25 -0800 (PST) Message-ID: Date: Sun, 12 Jan 2025 08:36:24 +0000 List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam To: freebsd-desktop@freebsd.org Cc: freebsd-enterprisewg@freebsd.org References: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> From: Graham Perrin Content-Language: en-GB Autocrypt: addr=grahamperrin@gmail.com; keydata= xsFNBGKYt7ABEAClu83dJ3ZKfVgPOk9YKRv0Z+dl2b88+k9R4vwAmElgguYdKE7yhnQNhhWM v9vi6AFrBMc2oJdVHJ2OrXfwpELBFIgiSMEWNsC4e+Z3HtSajcl+pFZsP7ciiSoycj/w3wIV kAZoVGbhyIbNG7fbCEJ8q81TbfsGypV3bRmbZVvGNecBguYiooBtz2Qht1p3itXMkIA6P9pS YDl+6QddZLyUUAjAnFv2QDoYSHLnaDUWw4oONZsB0SKVu8jMIBh4uJZoYEOvdvc9jQQdOpA2 CAgA6ulfm42Ikr9lKBUUCtjqiWAhJ7iXOTyHAIdR4Mf8alCE6tdTq6dHdIt+GktTY7oYNyL2 3aD3C7I5waU0SFXvJcOMG10QLfwYQMOQoYQ9XJ0U5A28WYiDcylDdUWT7SappP1e1ZMeJWWO y14mxxNzHaJSI4rK8P/p5tp3Q7SSC4k5gMh9zKba3K2ApCWNbVLGvXsJeQkZZNvu70tE81ey AHI5iZcB6D7WaHysBUmsKaEpbcmm1ZThTnGL0SHEl5to5Jab5Fg6O+Cnly5sVz5lX/v8Aosx kKNei7SCVqXOVtteQeGxWbXWbhPgbMyc0Gi3DuxBI/yvJ43k/rJysQlLGLWfJx/UXprwLluC PDK9EvKEB+fD1Z349uzp1sKr3ihpySbyKI8fpudftnAz4EsoCwARAQABzSZHcmFoYW0gUGVy cmluIDxncmFoYW1wZXJyaW5AZ21haWwuY29tPsLBlAQTAQoAPhYhBFk/5bLDBwftvJcvCrdn SG9KGNQLBQJimMMBAhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4FAheAAAoJELdnSG9K GNQLbHAQAJi998y42bEbq5HmABYovmAEtQj33YSUWyc9QRmAHpN8Er3lTKsgmZcVChB5Fu/d go2oYynDjlVpA7+wiSmg4AG78mOYbg/e19XMhrH0keDKqZXFkU+G7agR0mF09qvpQZ9MTJYZ 2u7FtytZK665UfipOdV8eGn2hFC/WynjUwEzKyryBgbbLAEbfOPeZNry4h2ZPWbtTvx/PE/V X3Vh2oGqYx69DCGz+0xEhy62ZKbkX5SL8LUf/1WViyCVzsHasFxmFxYPWIfBy8ayQ7xapz7M cSXSQyu4oDT4qh9eZiGP9/aAcZKHcV6t9y77JGhUJ/5O1sANKMa3YhgimE+Z86LHYa1IH774 PHj1nAXBwS+Cj/1l/NQoQcyjvOj8zuCsMJVaLMb6B46YsReP4+3yBLpyeBC//t6zWPbgAkWW VjROC0dXUAMTFpnA6NZe3UghG+Nc4fnCLGOhc2nyWFYHIaYV6Hv1ITFSem9DdeNnR1CFm1VM TJ7i7TuqYM+WZTkoUsTf4c46hS/ZNJZSCxh0s9yYr+BYk3XBbd+ElaZ1dJE6cuSVdw15+P2h DnprurxC4byl4YFkn+UAVvQsOgeq6aSHLOHX0weYu1OLoiPYsTdyGhne72+kDhEEdFD5aHdQ PFrbQIrqWLV0a04++0ZwGpNvXtgnWhDdAQJDwGsSSwbLzsFNBGKYt7ABEADRb1tZuh7DPYET 0wK6fe7owbYgM+RfKhmcrGgR2HI9M2q6+0WKF/ITnggWdIW2Ecc4z2boLz/cwvPGCS7/YxZM 61KklGCwuS7q1s04XnHDWHuFxfXQPzAdVmNO3bYoMZbJjHXs6sB2u5ksiwPwaMAWWaGkviSj c5pwvHCiTmX5vH5CBj/Vi+5ESyX38vK4JM5S/m4ouI/6M9biyFgimV+v3vVyCxJCT1gI9g4o GIh1qq5S433b1fihn4yHPf8XOKyBpA/QcwLONViBqJL5nnOxpsh344rNxn2R7CcRzzicOV+e 2IbMem4lwNWQlZKoRotKXZi9LqN5mynSBYqAUdoZum0QinWT9F22B0Qex5PH1zAt9i2W91Vd kcPB3LwkRXj07ycRtsSzpgPA6fLc6AsoWFslHl8kVOO5eJIA4xhjlPa+W8lguQHZ0iX+5uAv 2eAgXR2swADuHPuENNFStmsgAMl8OOOgtq75yA5TpyIzxMuXV9Nmp0VfIaUM/IdLdmxhc1pC c320l5fYMHVLFAReWEbSj2QH8YzWfpXHIegutWWYEbH9SiDXgS9KoKmCJV/Qa+x6/b8y3pOZ vnIbCDaynC2Yr50s8gRa9kb54JE8Z+p8r16U3SEsK3PtUi0RF0e51danCVHrrE6/Hat2XUO/ 6nnYgVgFOrLao6Gh/VMs8wARAQABwsF8BBgBCgAmFiEEWT/lssMHB+28ly8Kt2dIb0oY1AsF AmKYt7ACGwwFCQWjmoAACgkQt2dIb0oY1Av7qg//YjCZg8VXyMzXssgIQpROKKqh5V0UBSQl rM3tq4tWhyg0HVMugQj0Om+iNPsEEOGHkm6tyhHMzlKGpAc/l0iAM+8twIyg44Yo5+DcfFXr OMTbTw9T9jDsWOkOBksxy29iYhgpqpWdDBnhXvrJp/FNAiX8CfzrIOZeFPydDoEiKBEXAxfe a9o5J/JeVnZiUeoiFe7i68nZGsb4JxhPczNfqW12t0Ll5/ibjszg5BgjXiLao0KqbWNh4bS5 CVwH90Or+5qqWgzWPeBiuz+rN2QXE/V/fL44GEj1YKASCqmaiYRgjoRFubz1aq1wCXMXY3Iq d4525rscUgS7HBxbblnyTodUPaamN/2nSzcmE/Pkx8MApDSgZCIhs0RTAg+/AoX4HULV1rSE TQwMrBEQt84Tw5W5rHsvXKr4ZEsJUpbPLWYTISsp23nHR+vZtL/Ug+OWCmHC7X7D21xk/xVJ 4sA1RLJBKdCHtnyA4Unv/kNS1KVGxHnITVyw1a71QJADu4qsdtM5u6CyYUhqhM1oseWtV6j+ Qi8KC/G4C3AgZf06fe2fVl42z2grTabL4bC6FQXMwTX2dsm5NakWjUCmUL8uwsQE7ZA4zKxo EYI1YV9q1birpzncYRupr1qnMoggMUHWq0IBYshFQrEO8PeVUZBw7/GfAeh3argdw2Qu748T Cyw= In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4YW7z12g9zz49l0 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; ARC_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; FREEFALL_USER(0.00)[grahamperrin]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MLMMJ_DEST(0.00)[freebsd-desktop@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::332:from] On 11/01/2025 23:47, Tomek CEDRO wrote: > https://man.freebsd.org/cgi/man.cgi?wpa_passphrase ? :-) a PSK is not applicable in wpa_gui. From nobody Sun Jan 12 17:06:28 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YWMHl0lLxz5kySB; Sun, 12 Jan 2025 17:06:43 +0000 (UTC) (envelope-from freebsd@ny-central.org) Received: from mail2.ny-central.com (mail2.ny-central.com [173.212.246.2]) by mx1.freebsd.org (Postfix) with ESMTP id 4YWMHk6xS9z42LQ; Sun, 12 Jan 2025 17:06:42 +0000 (UTC) (envelope-from freebsd@ny-central.org) Authentication-Results: mx1.freebsd.org; none X-Virus-Scanned: amavisd-new at ny-central.com DKIM-Filter: OpenDKIM Filter v2.10.3 mail2.ny-central.com D47CA1AF28F DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ny-central.org; s=202405; t=1736701601; bh=ozPNqje+QC2mjx9hA4UCuEuH3a2i/5xSMYZw70ZCuhw=; h=Date:From:To:cc:Subject:In-Reply-To:References; z=Date:=20Sun,=2012=20Jan=202025=2018:06:28=20+0100=20(CET)|From:=2 0Chris=20Moerz=20|To:=20Graham=20Perrin=20 |cc:=20freebsd-desktop@freebsd.org,=20free bsd-enterprisewg@freebsd.org|Subject:=20Re:=20[EWG]=20[LDWG]=20[FB SD_LDWG]=20(272902)=20Laptop=20Project:=20Wi-Fi=0D=0A=20privacy/se curity:=20clear-text=20passwords=20for=20WPA-EAP=20e.g.=20eduroam| In-Reply-To:=20|Re ferences:=20<07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com>=20= 20; b=dgKTmutqW4l8YYb7FzxCYLRXEyjRPtTinvBE4k90X/3Af3oKahswHUx3QaOV2IxOH ugqu8lifHyy/FxTQIrDEZtMhpKfkHzWAPzY0X4KDkClMGAb9qatVFShzTy0tyEkKrJ 4FXR2IM+H1rwjTzc55p9K940J187WxR4Qp8jADCiGrMJ5N7WjjKSIUFoXwRL7t0rjw 1+AsV5QeQV2bdjjoQ83kSH7tIJxYH1RkoG5c9MxKItsruqmymUpWwu15TZZmH8C5Tr v5ubrhNg9pct+ApSP8nsa7AXW9vG0CkymD/sNA+pjkeYZi9+xfSAoEkfRBtJ77pACX JWPGx92CLmSDMD6qyfqxYxyFCM+Y1AVZy6/IC075NYxQCYF/Ua44997VTDFwTMrtU4 vwskCZrkLL4p7JaGwkSNG6IQYJpaTufRju2yLleE05FTjCVZ9i8gwJc1xcjvCU5Yd1 SxKx91t5KqwQHASDzMmJqrSbuQsIKVncvXK/sGTVyG7CbLCih4ZnsnxMksJrrE0ARk o134J5rsN2trMg7SOQcrgElV6UvLBYIubkUZyR8CVrQQVdnwBXswyPZe9bLph2NiEs HyH2SI8wee/8pWtxAjuljtI2tKw9cMy9FPfUcFWqDi7yEwFxA4328t2XL58jQS6ZPM p3RlRflP299y5fDHAbVk+vTc= Received: from tenforward.ny-central.local (unknown [192.168.11.104]) by mail2.ny-central.com (Postfix) with ESMTPSA id D47CA1AF28F; Sun, 12 Jan 2025 18:06:29 +0100 (CET) Date: Sun, 12 Jan 2025 18:06:28 +0100 (CET) From: Chris Moerz To: Graham Perrin cc: freebsd-desktop@freebsd.org, freebsd-enterprisewg@freebsd.org Subject: Re: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam In-Reply-To: Message-ID: References: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=4.0.1 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on mail2.ny-central.com X-Rspamd-Queue-Id: 4YWMHk6xS9z42LQ X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:51167, ipnet:173.212.240.0/21, country:DE] On Sun, 12 Jan 2025, Graham Perrin wrote: > On 11/01/2025 23:47, Tomek CEDRO wrote: > > > https://man.freebsd.org/cgi/man.cgi?wpa_passphrase ? :-) > > a PSK is not > applicable in wpa_gui. > What would be the expected behavior/implementation in this case? I believe with regular WPA2, one can simply store the hash value instead of the password. I suspect that's what we would like to get for eduroam (TLS-EAP) too? Supposedly, this should generate a hash value that represents the password but we would likely have to update our stack to support this? echo -n password_here | iconv -t utf16le | openssl md4 (source: https://bbs.archlinux.org/viewtopic.php?id=144471) Alternatively, one could encrypt the password, but then we'd need to enter a password for decryption every time we want to read in the conf. chris From nobody Sun Jan 12 18:17:07 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YWNs31Z64z5l3xm; Sun, 12 Jan 2025 18:17:11 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [IPv6:2a00:1450:4864:20::331]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YWNs23jcsz4Fk3; Sun, 12 Jan 2025 18:17:10 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-wm1-x331.google.com with SMTP id 5b1f17b1804b1-436a39e4891so25002455e9.1; Sun, 12 Jan 2025 10:17:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1736705828; x=1737310628; darn=freebsd.org; h=content-transfer-encoding:in-reply-to:autocrypt:content-language :from:references:cc:to:subject:user-agent:mime-version:date :message-id:from:to:cc:subject:date:message-id:reply-to; bh=6D5Hksyoa1otTGBeiGDTv0/Gmfr9YbcLH4iVRt/QQjg=; b=B3xhAOIM0PYivzV9bsggRLgwSCQKvaMC+QHi3t7i6nF467osy1AbX8N9RKtwOqv7Xc B/NGY7hoDCOPjIl6T8yeS9KYV2nUcsjO++UIXInLDG+HwZxI18K5WWaiT4wXs2UyCkF5 gu2IeEB99z330BsaOlOEgJb6hiKxiAgmzTp6vTFAJQj6zvN3LetRzONiS0+DiZ3PzkVE FvTx+WCAtpyKJkwi9fdHoY5d2ZeXBZHbYDjadB9+owlrL7AYWUwlAuCw6seIUUQgAlzq xLnLEVGoT/ICwBbw6mb4666xwGLhFAyyBYSkUtz+UDE2MRqlX4rRqlAK5n3HAEPDebBH P7wg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736705828; x=1737310628; h=content-transfer-encoding:in-reply-to:autocrypt:content-language :from:references:cc:to:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6D5Hksyoa1otTGBeiGDTv0/Gmfr9YbcLH4iVRt/QQjg=; b=u2yizLojcUpPE5BSGPrnFPuEZHOLeAYZgiqfgGhFEpjUpuuqq28tFwrex8D5ovnJt8 0Xx62JOCO80VatUN68fSizKggYaGwIustmNtXXJfIM4vr/0m2qd3hhxXXdK+qmtuHvFc qv9Azof8DmeWjxKB3w/Z9a2KJEC5rlWC7Y/Q0Adj7gzI7kyMqyGmx4PK4YkGry6/Zf4H 6udlA+2fq4HXyqyI48gq+AOOV+2XlM3ybFnecUDShEeWkLdVcrnqwRjpZhuhxMNXUkjP Ea3poTfeLNbOFMemABeE84RwybZLuKYMlcr5r8e8i7+dG1EC4hTFvhqwbQcrT9EDJC6r fPYA== X-Forwarded-Encrypted: i=1; AJvYcCXj/QpGIcZvEK0/TSmXAha/tsTEpX7H9qOZD6hZbTMDKoW77L/zr6P5i7ApSlKju9tNpFZVbBjSnkr9AMre4iIdmMJEbw==@freebsd.org X-Gm-Message-State: AOJu0Yw+Boh5pXXkSbT5N5E/m6iktlLwV7wkeZ2rugsLhvyO3XX/Kh3g pDCv68KuQTwzH3IiviKOZ60QqmxQV2jk4mjhRHB+gX4wIOcLdLue50RsqA== X-Gm-Gg: ASbGnctHz5sRF354G+OOEOk76PcfauDdWE1BXYXAWnuyTGV/v0lKArBUeG2o1Lcilqm PbBR6cUmgmb5UlN4o0xzexN+0W14aGW0g+Xc8w1QJ+5XVT6WrRUbqByAvJkATKd1ZlE43KcAEjC LPeNij0YTetaVbXjaP11x6o5Rpc3REnI6ixpgOV3zPGydNJtreuxv/dY33vIKFM12zjDXa6gxqk gUlVy3OHOkqGl8g32O/vYlNEDjYz23DECib7J/0OEUD9Tj6R0NVIG0hijcQSn6Y3vuSkQeMq/uX 37Ab7d1qpa4ZSg== X-Google-Smtp-Source: AGHT+IEpgKrheOSKxcC8Ds3XvN8Eq5AZqOLBxR8JjKhxRhccQIaTiKuhaVsg9djIJpIhYwTfZgfueg== X-Received: by 2002:a05:600c:3b99:b0:434:f925:f5c9 with SMTP id 5b1f17b1804b1-436e266dfe9mr143522635e9.6.1736705828236; Sun, 12 Jan 2025 10:17:08 -0800 (PST) Received: from [192.168.1.10] (host-83-67-217-90.as13285.net. [83.67.217.90]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-436e9e37c2esm117782125e9.28.2025.01.12.10.17.07 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 12 Jan 2025 10:17:07 -0800 (PST) Message-ID: <13199c53-647a-46a6-84bc-e70e5ed67a50@gmail.com> Date: Sun, 12 Jan 2025 18:17:07 +0000 List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam To: Chris Moerz Cc: freebsd-desktop@freebsd.org, freebsd-enterprisewg@freebsd.org References: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> From: Graham Perrin Content-Language: en-GB X-Priority: 5 (Lowest) Autocrypt: addr=grahamperrin@gmail.com; keydata= xsFNBGKYt7ABEAClu83dJ3ZKfVgPOk9YKRv0Z+dl2b88+k9R4vwAmElgguYdKE7yhnQNhhWM v9vi6AFrBMc2oJdVHJ2OrXfwpELBFIgiSMEWNsC4e+Z3HtSajcl+pFZsP7ciiSoycj/w3wIV kAZoVGbhyIbNG7fbCEJ8q81TbfsGypV3bRmbZVvGNecBguYiooBtz2Qht1p3itXMkIA6P9pS YDl+6QddZLyUUAjAnFv2QDoYSHLnaDUWw4oONZsB0SKVu8jMIBh4uJZoYEOvdvc9jQQdOpA2 CAgA6ulfm42Ikr9lKBUUCtjqiWAhJ7iXOTyHAIdR4Mf8alCE6tdTq6dHdIt+GktTY7oYNyL2 3aD3C7I5waU0SFXvJcOMG10QLfwYQMOQoYQ9XJ0U5A28WYiDcylDdUWT7SappP1e1ZMeJWWO y14mxxNzHaJSI4rK8P/p5tp3Q7SSC4k5gMh9zKba3K2ApCWNbVLGvXsJeQkZZNvu70tE81ey AHI5iZcB6D7WaHysBUmsKaEpbcmm1ZThTnGL0SHEl5to5Jab5Fg6O+Cnly5sVz5lX/v8Aosx kKNei7SCVqXOVtteQeGxWbXWbhPgbMyc0Gi3DuxBI/yvJ43k/rJysQlLGLWfJx/UXprwLluC PDK9EvKEB+fD1Z349uzp1sKr3ihpySbyKI8fpudftnAz4EsoCwARAQABzSZHcmFoYW0gUGVy cmluIDxncmFoYW1wZXJyaW5AZ21haWwuY29tPsLBlAQTAQoAPhYhBFk/5bLDBwftvJcvCrdn SG9KGNQLBQJimMMBAhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4FAheAAAoJELdnSG9K GNQLbHAQAJi998y42bEbq5HmABYovmAEtQj33YSUWyc9QRmAHpN8Er3lTKsgmZcVChB5Fu/d go2oYynDjlVpA7+wiSmg4AG78mOYbg/e19XMhrH0keDKqZXFkU+G7agR0mF09qvpQZ9MTJYZ 2u7FtytZK665UfipOdV8eGn2hFC/WynjUwEzKyryBgbbLAEbfOPeZNry4h2ZPWbtTvx/PE/V X3Vh2oGqYx69DCGz+0xEhy62ZKbkX5SL8LUf/1WViyCVzsHasFxmFxYPWIfBy8ayQ7xapz7M cSXSQyu4oDT4qh9eZiGP9/aAcZKHcV6t9y77JGhUJ/5O1sANKMa3YhgimE+Z86LHYa1IH774 PHj1nAXBwS+Cj/1l/NQoQcyjvOj8zuCsMJVaLMb6B46YsReP4+3yBLpyeBC//t6zWPbgAkWW VjROC0dXUAMTFpnA6NZe3UghG+Nc4fnCLGOhc2nyWFYHIaYV6Hv1ITFSem9DdeNnR1CFm1VM TJ7i7TuqYM+WZTkoUsTf4c46hS/ZNJZSCxh0s9yYr+BYk3XBbd+ElaZ1dJE6cuSVdw15+P2h DnprurxC4byl4YFkn+UAVvQsOgeq6aSHLOHX0weYu1OLoiPYsTdyGhne72+kDhEEdFD5aHdQ PFrbQIrqWLV0a04++0ZwGpNvXtgnWhDdAQJDwGsSSwbLzsFNBGKYt7ABEADRb1tZuh7DPYET 0wK6fe7owbYgM+RfKhmcrGgR2HI9M2q6+0WKF/ITnggWdIW2Ecc4z2boLz/cwvPGCS7/YxZM 61KklGCwuS7q1s04XnHDWHuFxfXQPzAdVmNO3bYoMZbJjHXs6sB2u5ksiwPwaMAWWaGkviSj c5pwvHCiTmX5vH5CBj/Vi+5ESyX38vK4JM5S/m4ouI/6M9biyFgimV+v3vVyCxJCT1gI9g4o GIh1qq5S433b1fihn4yHPf8XOKyBpA/QcwLONViBqJL5nnOxpsh344rNxn2R7CcRzzicOV+e 2IbMem4lwNWQlZKoRotKXZi9LqN5mynSBYqAUdoZum0QinWT9F22B0Qex5PH1zAt9i2W91Vd kcPB3LwkRXj07ycRtsSzpgPA6fLc6AsoWFslHl8kVOO5eJIA4xhjlPa+W8lguQHZ0iX+5uAv 2eAgXR2swADuHPuENNFStmsgAMl8OOOgtq75yA5TpyIzxMuXV9Nmp0VfIaUM/IdLdmxhc1pC c320l5fYMHVLFAReWEbSj2QH8YzWfpXHIegutWWYEbH9SiDXgS9KoKmCJV/Qa+x6/b8y3pOZ vnIbCDaynC2Yr50s8gRa9kb54JE8Z+p8r16U3SEsK3PtUi0RF0e51danCVHrrE6/Hat2XUO/ 6nnYgVgFOrLao6Gh/VMs8wARAQABwsF8BBgBCgAmFiEEWT/lssMHB+28ly8Kt2dIb0oY1AsF AmKYt7ACGwwFCQWjmoAACgkQt2dIb0oY1Av7qg//YjCZg8VXyMzXssgIQpROKKqh5V0UBSQl rM3tq4tWhyg0HVMugQj0Om+iNPsEEOGHkm6tyhHMzlKGpAc/l0iAM+8twIyg44Yo5+DcfFXr OMTbTw9T9jDsWOkOBksxy29iYhgpqpWdDBnhXvrJp/FNAiX8CfzrIOZeFPydDoEiKBEXAxfe a9o5J/JeVnZiUeoiFe7i68nZGsb4JxhPczNfqW12t0Ll5/ibjszg5BgjXiLao0KqbWNh4bS5 CVwH90Or+5qqWgzWPeBiuz+rN2QXE/V/fL44GEj1YKASCqmaiYRgjoRFubz1aq1wCXMXY3Iq d4525rscUgS7HBxbblnyTodUPaamN/2nSzcmE/Pkx8MApDSgZCIhs0RTAg+/AoX4HULV1rSE TQwMrBEQt84Tw5W5rHsvXKr4ZEsJUpbPLWYTISsp23nHR+vZtL/Ug+OWCmHC7X7D21xk/xVJ 4sA1RLJBKdCHtnyA4Unv/kNS1KVGxHnITVyw1a71QJADu4qsdtM5u6CyYUhqhM1oseWtV6j+ Qi8KC/G4C3AgZf06fe2fVl42z2grTabL4bC6FQXMwTX2dsm5NakWjUCmUL8uwsQE7ZA4zKxo EYI1YV9q1birpzncYRupr1qnMoggMUHWq0IBYshFQrEO8PeVUZBw7/GfAeh3argdw2Qu748T Cyw= In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4YWNs23jcsz4Fk3 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] On 12/01/2025 17:06, Chris Moerz wrote: > … > (source: https://bbs.archlinux.org/viewtopic.php?id=144471) > … Nice find! Thanks, Chris. It helped me to refocus on what was already in the bug report. > … That might be enough for me to close this as not a bug. I'll aim to > confirm no later than week ending Friday 24th January. From nobody Sun Jan 12 18:35:13 2025 X-Original-To: freebsd-enterprisewg@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YWPG70BL6z5l5Hl; Sun, 12 Jan 2025 18:35:27 +0000 (UTC) (envelope-from freebsd@ny-central.org) Received: from mail2.ny-central.com (mail2.ny-central.com [173.212.246.2]) by mx1.freebsd.org (Postfix) with ESMTP id 4YWPG64xfRz4Hcs; Sun, 12 Jan 2025 18:35:26 +0000 (UTC) (envelope-from freebsd@ny-central.org) Authentication-Results: mx1.freebsd.org; none X-Virus-Scanned: amavisd-new at ny-central.com DKIM-Filter: OpenDKIM Filter v2.10.3 mail2.ny-central.com 775611AF386 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ny-central.org; s=202405; t=1736706925; bh=oy16J/RtfAGISUqDPMME/OdhW0CqB7czrWgcQsLzlYs=; h=Date:From:To:cc:Subject:In-Reply-To:References; z=Date:=20Sun,=2012=20Jan=202025=2019:35:13=20+0100=20(CET)|From:=2 0Chris=20Moerz=20|To:=20Graham=20Perrin=20 |cc:=20Chris=20Moerz=20,=20freebsd-desktop@freebsd.org,=20=0D=0A=20=20=20=20freebsd- enterprisewg@freebsd.org|Subject:=20Re:=20[EWG]=20[LDWG]=20[FBSD_L DWG]=20(272902)=20Laptop=20Project:=20Wi-Fi=0D=0A=20privacy/securi ty:=20clear-text=20passwords=20for=20WPA-EAP=20e.g.=20eduroam|In-R eply-To:=20<13199c53-647a-46a6-84bc-e70e5ed67a50@gmail.com>|Refere nces:=20<07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com>=20=20=20=0D=0A=20<13199c53-647a-46a6-8 4bc-e70e5ed67a50@gmail.com>; b=m9nTLxqQeOnxz+kzXANYx42ljRQTuVtkz1lYDk1E5qKRWRpdaT4QsEa11Plk2RcOF slu0k539XJ5ekLuaz8AZK5k0r2JSUKcWYnlK5gCqfsZh1QmVYeUExYLpn3GoUYJiuR hyBFXbUSPMi0j+73uKNSUOGBtM4ACIxnJiHuKw1dPlxNCeovnk3fiObXDlPSXhowLG FsEpU8SwSQhVTX4ggGjXdPot/1ynv0uOAI8mdtLhwta+jequ7AY48Z9r1Pov532pCf c6Hc2uFVthlRMgjUVnKbhCZCycMpG0Kmndb/Gh2w+KF6FMniAKZnjBwrI8U9b/TdZB HUGOYXpNm5lI5dCyAJ8ifk8KW8FWKidRbx8xVLGAxJ2HmG4aRXnAemlVLAO2wDy4b2 JlAOrbHErul6qPmMEUjySPvoQN0+FmIth7GWNhCbY4c2VQlYdTZ4+786DDvQaszYKh G0w2ySiqP+HB9LUBqKA8vD2F1d7HV57JxvhdO67St8EKFkm3SqAlPF4T79GZRC8Mjw A9aXaLNvSXFPqTkz0QdTjdaApG0Rkz6szFKpuLxxXbrQYoqLh0Yw7+3JxWCDVuQ8+N uzDOQBr2EBvFGqdrWg9CG6g1666C5xLk1ids2/4qUSmTdEWV27vjCHws19PTpCqCG2 gCshSiI95+iR8dd6yoQCEZy4= Received: from tenforward.ny-central.local (unknown [192.168.11.104]) by mail2.ny-central.com (Postfix) with ESMTPSA id 775611AF386; Sun, 12 Jan 2025 19:35:15 +0100 (CET) Date: Sun, 12 Jan 2025 19:35:13 +0100 (CET) From: Chris Moerz To: Graham Perrin cc: Chris Moerz , freebsd-desktop@freebsd.org, freebsd-enterprisewg@freebsd.org Subject: Re: [EWG] [LDWG] [FBSD_LDWG] (272902) Laptop Project: Wi-Fi privacy/security: clear-text passwords for WPA-EAP e.g. eduroam In-Reply-To: <13199c53-647a-46a6-84bc-e70e5ed67a50@gmail.com> Message-ID: References: <07e6179b-00de-4eeb-8282-527b477fdccc@gmail.com> <13199c53-647a-46a6-84bc-e70e5ed67a50@gmail.com> List-Id: FreeBSD as a general-purpose enterprise server List-Archive: https://lists.freebsd.org/archives/freebsd-enterprisewg List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-enterprisewg@freebsd.org Sender: owner-freebsd-enterprisewg@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="3328038562-1676262327-1736706914=:86494" X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=4.0.1 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on mail2.ny-central.com X-Rspamd-Queue-Id: 4YWPG64xfRz4Hcs X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:51167, ipnet:173.212.240.0/21, country:DE] This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --3328038562-1676262327-1736706914=:86494 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT > Nice find! Thanks, Chris. It helped me to refocus on what was already in the > bug report. > > > > > … That might be enough for me to close this as not a bug. I'll aim to > > confirm no later than week ending Friday 24th January. You're being gracious. Actually, that made me realize I should first have read the bug report in more detail - you had the answer way before me. :) As a side note: csh should allow you to use % history -S % history -L to update your history without having to log out. Hope that adds some value after my first one kind of missed the mark :) chris --3328038562-1676262327-1736706914=:86494--