
Does JHB support 63-character WPA2 passphrases?



Mark Lanctot
2007-10-02, 10:37
Starting out with JHB, I had a 63-character WPA2 passphrase that worked well with my laptop, my SB2 and my TP. Yes, I know, 63 characters is massive overkill, indulge me...

But no matter what I did, I could not get JHB to connect using this passphrase. So after a half-dozen times of entering it correctly, which took ~10 minutes each time, I gave up, tried open (worked), tried WPA2 with a simple passphrase (worked), then tried a more complex WPA2 passphrase, 20 characters I think (worked).

Does JHB support 63-character WPA2 passphrases?

Mark Lanctot
2007-10-04, 10:32
OK, I went overboard with the number of characters, but I still find it hard to believe I'm the only obsessive-compulsive here with a 63-character WPA2 passphrase and a JHB. :-)

pfarrell
2007-10-05, 08:56
63 characters of English or French? or of random letters?
63 characters of English in a passphrase is not overkill.

Good passphrases are easy to remember, so they tend to be famous, and that greatly reduces the entropy. The classic PGP passphrase is "Zaphod Beeblebrox for President", which looks like it's got 32 characters of entropy, but really is fairly common; you can google for it and get millions of hits.

Aux armes, citoyens, Formez vos bataillons Marchons, marchons
qu'un sang impur abreuve nos sillons

sure looks like it is a strong phrase with lots of entropy, but it really isn't.

Mark Lanctot
2007-10-05, 08:59
In my case it's 63 characters of a phrase I made up, with purposeful misspellings, added unnecessary numbers and odd punctuation.

The reason I ask is that certain wireless implementations have problems with passphrases of such lengths. IIRC the Squeezebox2 didn't support it either until a certain firmware revision.

rtitmuss
2007-10-05, 09:36
Mark, I'm not sure I tested such a long SSID. Can you double-check it does not work, then please make a new bug.

Cheers,
Richard

Mark Lanctot
2007-10-05, 09:44
> Mark, I'm not sure I tested such a long SSID. Can you double-check it does not work, then please make a new bug.

It's not the SSID, it's the passphrase, which is the maximum WPA/WPA2 supports, but some wireless adapter drivers truncate one character due to rounding issues or something.

I'll test it out tonight with both my original 63-character passphrase and if it doesn't work, a 62-character passphrase to see if this truncating issue is going on.

Thanks Richard.

pfarrell
2007-10-05, 12:01
> In my case it's 63 characters of a phrase I made up, with purposeful misspellings, added unnecessary numbers and odd punctuation.


Wow, that's a lot of work. If I want something strong, I just pass an easy-to-remember phrase through SHA1 and write down the hex. I can't remember proper spelling, let alone deliberate misspellings and where the weird punctuation goes.

Most folks get long, strong passwords, and can't remember them, so they put a yellow stickie on the monitor. :-)

Mark Lanctot
2007-10-05, 12:04
I did have a lot of experience entering it into JHB, so I know every character by heart now. ;-)

I also have it saved in a text file somewhere in my /home directory on my PC, disguised under an odd file name.

pfarrell
2007-10-05, 12:14
Mark Lanctot wrote:
> I also have it saved in a text file somewhere in my /home directory,
> disguised under an odd file name.

Ah, the old nuclear launch codes stored in the clear as "Christmas gift
list" trick.

Better than a yellow stickie but not really secure.

Mark Lanctot
2007-10-05, 12:28
LOL!

I suppose I could change permissions so only root could see it, but then again, if someone has broken in far enough to see my /home directory (even as non-root) I've got other worries.

pfarrell
2007-10-05, 12:39
Mark Lanctot wrote:
> LOL!
>
> I suppose I could change permissions so only root could see it, but
> then again, if someone has broken in far enough to see my /home
> directory (even as non-root) I've got other worries.

It's actually a hard problem.
When I was at CyberCash, we used DES to encipher the RSA keys, building
the DES key from an MD5 of the user's passphrase. We argued about it a
lot, but in the end, if the bad guy has access to your disk and can read
the file, they can apply tools to break DES or 3DES or anything else at
their leisure.

Folks often want me to encipher databases in high security and high
privacy cases. So I say "sure, what is the key you want to use" and they
tell me, and I say, who will type it in every time the server boots? and
they look at their shoes and start to mumble.

Similarly for WiFi, if the bad guy has physical access to your router,
he can simply push the "reset" button to open it up.

ChrisOwens
2007-10-15, 11:33
63 characters is the spec, and frankly if someone is going to have a password longer than 10 or 15 characters, it's probably going to be 63.

We should support it. I've filed it as bug 5808.

http://bugs.slimdevices.com/show_bug.cgi?id=5808

Mark Lanctot
2007-10-15, 17:21
Thanks for filing the bug, Chris, although I haven't actually had time to try it out (dreading that 20-minute entry of the passphrase).

OK, not 20 minutes, but it's long.

ChrisOwens
2007-10-15, 17:54
It's not so bad if you just use numeric characters. It's like dialing a phone number on an old rotary phone that only has high numbers :)