Secure Wi-Fi Password Storage on an Embedded Device (NetworkManager 1.46)

Beniamino Galvani bgalvani at redhat.com
Tue Mar 18 15:23:25 UTC 2025


On Tue, Mar 18, 2025 at 03:46:58PM +0100, Íñigo Huguet wrote:
> On Tue, Mar 18, 2025 at 1:53 PM Juan A. Rubio <jarubio2001 at gmail.com> wrote:
> > > If you are ok with modifying NM code - it is in
> > > src/libnm-core-impl/nm-keyfile.c. Otherwise you can always write a
> > > program that supplies secrets via SecretAgent API and this program can
> > > do whatever you want.
> >
> > Hi Andrei,
> >
> > this is the kind of information that I was looking for.
> 
> I'd opt for the SecretAgent API, as it will be stable. You can drop a
> custom program with Buildroot. If you opt for modifying NM code via
> patches you will need to deal with potential conflicts on each NM
> version update.

I second this.

You can implement the SecretAgent D-Bus API from an external program
that will be queried by NetworkManager to retrieve the
secrets. Otherwise, it is easier to use libnm (possibly with GObject
introspection) and extend the "NMSecretAgentOld", so that you only
have to implement the missing methods (get_secrets(), save_secrets(),
etc). If you plan to do this in C, you can have a look at
"nm-secret-agent-simple.c" in the NM tree (there are some indirections
that make it not so simple, though). For Python, you can have a look
at this:

https://github.com/NetworkManager/NetworkManager/pull/375

Note that the Python example there requires the other commit in the PR
to fix the GObject introspection bindings in NM, otherwise you'll get
errors.

> IMHO you won't get anything more than a small obfuscation with either
> method, so it's probably not worth it, but you know better what your
> project needs, of course.

Any method for which the password or the password-encrypting key is
stored on the filesystem is not secure if the threat is physical
access. If the attacker has physical access to the device, a hardware
token doesn't seem a feasible solution either.

Beniamino
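
A minimal external SecretAgent of the kind the message describes, as an added example that is not from the thread or the NetworkManager tree. It uses dbus-python rather than libnm; `fetch_psk` and the agent identifier are hypothetical, and the Wi-Fi profile is assumed to have `psk-flags=1` (agent-owned) so no passphrase sits in the keyfile. Where `fetch_psk` gets the passphrase is left to the device, and a key kept on the same filesystem remains exposed to physical access.

```python
# Added example, not NetworkManager code; needs dbus-python and PyGObject on the target.
NM = "org.freedesktop.NetworkManager"
NM_PATH = "/org/freedesktop/NetworkManager"
AGENT_IFACE = NM + ".SecretAgent"
WIFI_SEC = "802-11-wireless-security"


def build_secrets(connection, setting_name, fetch_psk):
    """Return the a{sa{sv}} GetSecrets reply, or None when this agent has no secret.

    fetch_psk(uuid) is a hypothetical hook into the device's own secret store.
    """
    if setting_name != WIFI_SEC:
        return None
    if connection.get(WIFI_SEC, {}).get("key-mgmt") not in ("wpa-psk", "sae"):
        return None
    psk = fetch_psk(str(connection["connection"]["uuid"]))
    return {WIFI_SEC: {"psk": psk}} if psk else None


def run_agent(fetch_psk, identifier="org.example.wifi-agent"):  # identifier is made up
    """Export the agent on the system bus and register it with NetworkManager."""
    import dbus
    import dbus.service
    from dbus.mainloop.glib import DBusGMainLoop
    from gi.repository import GLib

    class Agent(dbus.service.Object):
        @dbus.service.method(AGENT_IFACE, in_signature="a{sa{sv}}osasu",
                             out_signature="a{sa{sv}}")
        def GetSecrets(self, connection, path, setting_name, hints, flags):
            reply = build_secrets(connection, setting_name, fetch_psk)
            if reply is None:  # an error reply tells NetworkManager we cannot help
                raise dbus.DBusException("no secret held for " + setting_name)
            return reply

        @dbus.service.method(AGENT_IFACE, in_signature="os")
        def CancelGetSecrets(self, path, setting_name):
            pass
        @dbus.service.method(AGENT_IFACE, in_signature="a{sa{sv}}o")
        def SaveSecrets(self, connection, path):
            pass  # assumption: the store is provisioned out of band
        @dbus.service.method(AGENT_IFACE, in_signature="a{sa{sv}}o")
        def DeleteSecrets(self, connection, path):
            pass

    DBusGMainLoop(set_as_default=True)
    bus = dbus.SystemBus()
    agent = Agent(bus, NM_PATH + "/SecretAgent")  # path NetworkManager calls back on
    manager = bus.get_object(NM, NM_PATH + "/AgentManager")
    dbus.Interface(manager, NM + ".AgentManager").Register(identifier)
    GLib.MainLoop().run()
```

On the device, call `run_agent()` from a service started as a user the system bus policy allows to register agents, passing the function that reads the passphrase from the chosen store.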