Enabling Wi-Fi on First boot
Alberto Bursi
bobafetthotmail at gmail.com
Tue Jul 6 12:10:29 PDT 2021
On 06/07/21 16:26, Henrique de Moraes Holschuh wrote:
>
> However, it is *not* a simple matter to just "enable wireless" at first
> boot in OpenWrt (due to a "default password" issue), except maybe in a
> home-and-enthusiast setting. You cannot just do it for a device (or
> firmware) you're going to deliver to third parties: it is *unsafe*, and
> extremely strongly discouraged.
>
> So, to safely and responsibly enable wireless by default in a device (or
> firmware) you're delivering to a third-party, you need that "per-unit
> unique wireless password" per device thing most vendors are doing.
>
Every. Single. Discussion degenerates into a "how could we make it safe"
party where wilder and wilder ideas are thrown around until everyone leaves.
"unique" per-device passwords like most vendors are doing are low
security and relatively easy to brute force once someone has
disassembled the firmware and learned the algorithm used to generate
them. They rely on obscurity for most of their security, which is not
really a thing for an open source project.
They are also completely useless for DYI users that are just flashing a
couple devices.
With much less effort you can just ship a pre-made wifi config file with
your own settings and passwords, and that's what many are already doing.
-Alberto
More information about the openwrt-devel
mailing list