PDA

View Full Version : Entering WPA Password via Web Interface



rod451
2007-05-10, 18:29
Greetings,

Has there been any discussion around being able to enter the WPA password via the web interface? I would like to be able to easily enter a long complex password without having to go through the remote control routine. This could be done securely initially using wired access and the remote to confirm.

Rod

Arie
2007-05-10, 21:50
So, how do you think your SB will 'use' these settings?

azinck3
2007-05-10, 22:13
So, how do you think your SB will 'use' these settings?

You'd simply reboot the SB, tell it to use wireless, then connect to your network with the settings you've saved.

That said, I rather doubt the value of such a feature (if it can even be done). Most folks will probably find it more hassle to wire the box to the network, go through the connection process, enter the wireless password in the web interface, then move the box to its home away from the wired network than they will to simply enter the passphrase via the remote.

Arie
2007-05-10, 22:18
But how would it "simply" connect with the settings you have saved? I order to make that possible, the device (SB) would need the key before make the connection to your network. Right?

azinck3
2007-05-10, 22:35
But how would it "simply" connect with the settings you have saved? I order to make that possible, the device (SB) would need the key before make the connection to your network. Right?

Yes, that's what the OP is suggesting. The OP proposes that you be able to wire the device to your network (no passphrase required), enter the key into the web interface (which would then store the key in the SB's firmware), disconnect the SB from the network, then reboot it and tell it to use the wireless interface at which point it would use the passphrase you stored to connect to the network.

tommyz
2007-05-11, 02:46
I second the idea.

It is definitely less hassle to plug the SB into a switch using a patch cable than to break my fingers on the remote.

ciao, TommyZ

Mark Lanctot
2007-05-11, 20:06
At first the idea sounded kind of strange - it goes against the SB way of doing things and no other wireless devices work this way, but I gotta say, it's a good idea.

I have a 63-character WPA2 passphrase composed of of upper and lower case, punctuation and numbers. I'm using a universal remote that doesn't have ABC-DEF-GHI labels so I have to guess - where's "r"? 7? 6? It can take me 10 minutes to enter the passphrase. Thankfully I don't have to do it very often. Something like this would be quite handy for a Squeezebox, although not very handy for a Transporter because a TP isn't very portable.

SuperQ
2007-05-11, 21:52
At first the idea sounded kind of strange - it goes against the SB way of doing things and no other wireless devices work this way, but I gotta say, it's a good idea.

I have a 63-character WPA2 passphrase composed of of upper and lower case, punctuation and numbers. I'm using a universal remote that doesn't have ABC-DEF-GHI labels so I have to guess - where's "r"? 7? 6? It can take me 10 minutes to enter the passphrase. Thankfully I don't have to do it very often. Something like this would be quite handy for a Squeezebox, although not very handy for a Transporter because a TP isn't very portable.

Why bother with such an absurdly complex passphrase in the first place? Based on my quick wikipedia research (http://en.wikipedia.org/wiki/WPA2) You don't get any benifit from > 39 ASCII chars due to the reduction of the keyspace from 504 bits to 256 bits by the hash function.

Really, a 10 character passphrase of [a-zA-Z0-9] (62^10 combinations) would take 2661.4 years to walk if you could process a million crypt per second.

ftlight
2007-05-12, 07:41
Mark Lanctot wrote:
> At first the idea sounded kind of strange - it goes against the SB way
> of doing things and no other wireless devices work this way, but I
> gotta say, it's a good idea.

My wired SB1 runs wireless via a Netgear WGE101 wireless bridge. This
is initially configured using a web interface by first connecting it to
a wired network (or directly to a PC network port).

--
Bill Burns
Long Island NY USA
http://ftldesign.com

rod451
2007-05-18, 23:17
Why bother with such an absurdly complex passphrase in the first place? Based on my quick wikipedia research (http://en.wikipedia.org/wiki/WPA2) You don't get any benifit from > 39 ASCII chars due to the reduction of the keyspace from 504 bits to 256 bits by the hash function.

Really, a 10 character passphrase of [a-zA-Z0-9] (62^10 combinations) would take 2661.4 years to walk if you could process a million crypt per second.

Assuming the algorythm used picked the correct passphrase on the last try. ;)

Seriously though, if the system is capable of storing a 63 (or 39) character which is what the standard allows, then shouldn't there be an easy way of entering it, otherwise why have the capability. Manufacturers have implemented easier key distribution systems, why shouldn't the SB have something that also facilitates strong(er,est) key distribution.

Cheers, Rod

tamanaco
2007-05-19, 14:07
Wasting time with a crazy idea... maybe this wouldn't be an issue if the SB3 firmware searched for a configuration server after a reset. It would also be helpful if the SB3 firmware supported domain names. If when reset the SB3 were to search for a couple pre-defined domain names and/or IP addresses via its ethernet port... Say LocalSServer.localdomain.suppliedbylocaldns and/or 192.168.1.xxx for a "local" SlimServer which would have a Squeezebox configuration page for WPA settings, domain name changes and the such. Of course, I'm assuming that at least for configuration purposes the local Slimserver should be renamed to the default name pre-defined in the firmware. (not very bright) If the SB3 fails to communicate with the "local" server then it should try to connect to RemoteSlimConfigurationServer.Squeezenetwork.com and/or 207.7.156.xxx for a "remote" configuration server" which would also have an SB3 configuration page. The default ID and Password for each specific SB3 would be unique and come packaged with the SB3. In other words, each SB3 would have an ID and a password associated with it in this server. This server would not need to be that powerful as the SB configuration should only take a few steps and connections to this server should take place only after an SB3 is reset and after it fails to find the local server in a reasonable amount of time. If connected to the remote configuration server the SB3 should display something like... "Connected to Remote Configuration Server... Here is your ID and your Password." You know, for those that forget or loose their password. I know that there might be issues with internet traffic, router setup etc... etc... but this should just be an "alternative way" to configure the SB3, keeping the old reliable remote configuration option still available. Also, the order of the searh for the local/remote configuration servers can be reversed.

Ahhhh... maybe not... What about existing Squeezeboxes?... Is there a SB3 hardware ID that can be pulled by the firmware?... All I know is that SD should now have more resources at its disposal and that some of these resources should be use to enhance the SqueezeNetwork so that it does more for the SB3 than just connect the SB3 to internet/squeeznetwork stations and display the time when the SB3 is off... Just another crazy idea.

I should really find something to do here at work... To my colleagues I look like I'm hard at work behind my monitor.

Yes! Sir... Right away!... I'm almost done with it.