Setting a random password for guest wifi

[jpclarke]

Anyone have the latest web version files to download?

Thanks

 

[dertester1]

Link not Work.
http://iris.fhict.nl/~i872272/downloads/guestwifi/guestwifi.rar

Have everyone a mirror?

 

[JanOonk]

Link not Work.
http://iris.fhict.nl/~i872272/downloads/guestwifi/guestwifi.rar

Have everyone a mirror?

Sorry my webserver admin decided to change the structure. Here's the new correct link:
http://i872272.iris.fhict.nl/downloads/guestwifi/guestwifi.rar

 

[L&LD]

Sorry my webserver admin decided to change the structure. Here's the new correct link:
http://i872272.iris.fhict.nl/downloads/guestwifi/guestwifi.rar

Did you change your forum name?

 

[JanOonk]

Did you change your forum name?

I don't know what you mean, it has nothing to do with this forum or my name. I meant the webserver I use to host the file... our admin changed some things and therefore the old link didn't work anymore.

 

[L&LD]

I don't know what you mean, it has nothing to do with this forum or my name. I meant the webserver I use to host the file... our admin changed some things and therefore the old link didn't work anymore.

I am asking about your forum name here.

Is this you in the original post?

I was going to post this directly here, but I must have too many code tags so it wouldn't let me.

As such, I have posted on the wiki on how to do this :

Setting a random password for guest wifi

Enjoy!


edit : following comments on this thread, I have added a couple of alternate functions that provide different ways of creating a random password. getrandopenssl uses the openssl rand option, and getpasswdme uses curl to access the https://passwd.me api. These may require additional software to be installed over & above the default busy box installation.

 

[redvers]

No, that was me - I put together the original scripts to randomise the password. The downloads from JanOonk are (I believe) the android files to allow you to run the script on demand

 

[SullyTheUnusual]

Sorry if this is a dumb question, but I don't know a lot about using sendmail with Gmail. Here's my output:

depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = smtp.gmail.com
verify return:1
250 SMTPUTF8
sendmail:  failed

I added my email address to the beginning of the script, was I supposed to change the one that says "login@gmail.com" too?

 

[redvers]

Sorry if this is a dumb question, but I don't know a lot about using sendmail with Gmail.

I added my email address to the beginning of the script, was I supposed to change the one that says "login@gmail.com" too?

You need to change FROM, AUTH, PASS and TO

 

[SullyTheUnusual]

I've added my own email address and password to FROM, AUTH, PASS and TO. It's doing the same thing. I've added the "-v" flag, and removed "-quiet" and this is the output:

sendmail: send:'NOOP'
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = smtp.gmail.com
verify return:1
sendmail: recv:'CONNECTED(00000004)'
sendmail: SMTP init failed

 

[redvers]

I've added my own email address and password to FROM, AUTH, PASS and TO. It's doing the same thing. I've added the "-v" flag, and removed "-quiet" and this is the output:

Have you taken into consideration the below?:

Gmail requires the secure certificate to be installed in /jffs/configs/ - if you haven't got this, check the following post as the wget command referred to on the wiki doesn't work :

http://forums.smallnetbuilder.com/showpost.php?p=149473&postcount=95

 

[SullyTheUnusual]

Yes, I have the certificate file in place. I followed your instructions exactly.

 

[redvers]

Yes, I have the certificate file in place. I followed your instructions exactly.

Do you have two factor authentication enabled on your gmail account? If so, that may be what is stopping the code from working...

 

[SullyTheUnusual]

2-step verification is not enabled on my account.

 

[redvers]

2-step verification is not enabled on my account.

Then I am out of ideas :-/

 

[SullyTheUnusual]

Thanks for trying. I wonder if there's any way to install the "mail" app?

 

[Baloo]

I have an ASUS RT-AC66U with FW 380.59. I enabled one 2.4GHz guest wifi with password-A. I connect with SSH and
nvram show | grep password-A
and it gives back
wl0.1_wpa_psk=password-A
Then I enter this:
nvram set w10.1_wpa_psk=password-B
service wireless_restart
... and nothing happens.
Weird thing is if I grep for password-A and password-B I find both set to w10.1_wpa_psk. And if I look at the GUI, the old pwd is shown.

 

[Baloo]

2-step verification is not enabled on my account.

Yesterday I was able to send e-mail with 2-step verification enabled and one device password generated in Google Account Security page (and of course that pwd was used as $2 with the script).
I used this script.

#!/bin/sh
#
#
# This script will send an email using a Gmail account through an openssl session.
#
# Version 1.0
# December 23, 2015
#
#
# Note: you must turn ON "Access for less secure apps" in the Gmail settings:
# https://www.google.com/settings/security/lesssecureapps
# I therefore recommend you create a separate Gmail account just for your router.
#
#
# Usage: ./sendgmail.sh login password recipient subject message
#
#
# (and some patience... it takes less than 10 seconds)
#
# login     : the Gmail login you created for the router
#
# password  : the Gmail password (best to enclose in quotes "" in case there are any spaces)
#
# recipient : email address of recipient
#
# subject   : subject of email (best to enclose in quotation marks "" since any spaces will
#             be misinterpreted as the start for the next parameter)
#
# message   : body of email (enclose in quotation marks "" and do not start any lines with a dot!).
#             You can pipe a file like this: ./sendgmail.sh ... "$(cat yourfilehere)" (you
#             have to use quotes otherwise any space is treated as the next parameter).
#             You can also include escape characters (like new line \n) by using $'some\nmessage'
#             as the message parameter (note the dollar sign and single quotes).
#
#
# Examples of usage :
#
# Send a simple message from command line:
# ./sendgmail.sh randomemail@gmail.com secretpassword recipient@gmail.com "Cool subject" "Nice body (of email)"
#
# Send a message with some new line feeds \n in body:
# ./sendgmail.sh randomemail@gmail.com secretpassword recipient@gmail.com "Cool subject" $'Nice body\n(of email)'
#
# Send a message from command line but read email body from a text file called "body.txt":
# ./sendgmail.sh randomemail@gmail.com secretpassword recipient@gmail.com "Cool subject" "$(cat body.txt)"
#
# And for this one, see notes below for explanation:
# read login passwd <credentials.txt ; ./sendgmail.sh $login $passwd recipient@gmail.com "some subject" "$(cat body.txt)"
#
#
# Note: as you can see from the syntax, it's not a very secure way to use this command as it requires
# you to put your login and password in plain text.  However, you can create a credentials file (such
# as "credentials.txt"), put your plain text login and password separated by a space on the first
# line, and give it read/write permission for root only (chmod 600 credentials.txt).  Then use this
# syntax to call the script:
# read login passwd <credentials.txt ; ./sendgmail.sh $login $passwd ...
#
#
# Warning: this is a very basic script that does not check for errors.  If something goes wrong,
# Try commenting out the "-quiet > /dev/null 2>&1" at the end of the openssl command to maybe
# see what's going on.  This shouldn't really matter as it would most likely be used as part of
# a cron job.
#
#
# Warning: if you add this as part of a cron job script, watch out for the paths!  Relative paths
# that work in a user shell may not work when cron is running.  Use absolute paths
# (e.g. "/opt/sendgmail.sh ...") instead.

# Show that something is happening (-n doesn't send a line feed)
echo -n 'Sending email through Gmail... '

# Parenthesis to start a "subshell" that will pass commands to openssl through a pipe
(

# This is the Gmail login for your router's special Gmail address
AUTH=$1

# The FROM line is only "for show" in the email header (the email will come from the Gmail account
# regardless of what you put for the FROM line)
FROM=$AUTH

# This is the Gmail password
PASS=$2

# The email address to which you are sending the email
RECIPIENT=$3

# Subject and body of email
SUBJECT=$4
BODY=$5

# We need to generate base64 login and password for openssl session
AUTH64="$(echo -n $AUTH | openssl enc -base64)"
PASS64="$(echo -n $PASS | openssl enc -base64)"

# Time to start talking to Gmail smtp server
echo 'auth login' ; sleep 1 ; \
echo $AUTH64 ; sleep 1 ; \
echo $PASS64 ; sleep 1 ; \
echo 'mail from: <'$FROM'>' ; sleep 1 ; \
echo 'rcpt to: <'$RECIPIENT'>' ; sleep 1 ; \
echo 'data' ; sleep 1 ; \
echo 'Subject: '$SUBJECT ; sleep 1 ; \
echo ''; sleep 1; \
echo "$BODY"; \
echo '.' ; sleep 1 ; \
echo 'QUIT') 2>&1 | \
openssl s_client -connect smtp.gmail.com:587 -starttls smtp -crlf -ign_eof -quiet > /dev/null 2>&1

# Be positive and cross your fingers that everything went right!
echo 'Done!'

 

[redvers]

Then I enter this:
nvram set w10.1_wpa_psk=password-B

That should be :

nvram set wl0.1_wpa_psk=password-B

 

[Baloo]

That should be :

nvram set wl0.1_wpa_psk=password-B

Thanks a lot! Made my day... I was LOL at myself.