Setting a random password for guest wifi - XIYO/asuswrt-merlin.ng-kr GitHub Wiki
μ ν¬ ν° λΈμκ² κ²μ€νΈ μμ΄νμ΄λ₯Ό μ¬μ©νκ² νκ³ μμ΅λλ€. κ·Έλ κ° μ§μμΌμ νμ§ μμΌλ©΄ κ·Έλ μ λΉλ°λ²νΈλ₯Ό μλ €μ£Όμ§ μμ΅λλ€!
λ§€μΌ μλμΌλ‘ μ μ ν 무μμ λΉλ°λ²νΈλ₯Ό μμ±νλ λμ , μλμΌλ‘ μ€μ λκ³ μμ±λ λλ€ λ¬Έκ΅¬κ° μ μ μ μλ΄μκ² μ΄λ©μΌλ‘ μ μ‘λμ΄, λΈμ΄ κ·Έκ²μ λ°μ μκ²©μ΄ μμ λ μ 곡ν μ μλ λ°©λ²μ μνμ΅λλ€.
μλλ μλ²½νμ§ μμ μ μμ΅λλ€(μ€ν¬λ¦½ν μ ν μ§ μ€λλμμΌλκΉμ), νμ§λ§ optwareλ entware μ€μΉ μμ΄ μ€μ ν μ μλ κ²μ νμ€ν νκ³ μΆμμ΅λλ€.
λΉλ°λ²νΈλ ν μ€νΈ νμΌμμ μ νν 문ꡬ(μ λ μ¬λ¬ λ°΄λ μ΄λ¦μ μ¬μ©νμ΅λλ€)μ 무μμ μΈ μ리 μλ‘ κ΅¬μ±λ©λλ€. μ λ νλμ κ²μ€νΈ λ€νΈμν¬λ§ μ¬μ©νκ³ μμ§λ§, μΈ κ°μ λ€λ₯Έ λ€νΈμν¬μ λν΄ μΈ κ°μ λ€λ₯Έ λΉλ°λ²νΈλ₯Ό μ ννκ±°λ μ¬μ§μ΄ μ¬μ― κ°λ₯Ό μ ννλ κ²μΌλ‘ μ½κ² μμ ν μ μμ΅λλ€. λ¨μ§ getrandomphrase μ μ°¨λ₯Ό μ€νν νμ phrasepwdμ μ λ³μλ₯Ό ν λΉν΄μΌ ν©λλ€.
ν¬λΌμμμ λκΈμ λ°μνμ¬, 무μμ λΉλ°λ²νΈλ₯Ό μμ±νλ λ€λ₯Έ λ°©λ²μ μ 곡νλ λͺ κ°μ§ λ체 ν¨μλ₯Ό μΆκ°νμ΅λλ€. getrandopensslμ openssl rand μ΅μ μ μ¬μ©νκ³ , getpasswdmeμ https://passwd.me APIμ μ κ·ΌνκΈ° μν΄ curlμ μ¬μ©ν©λλ€. μ΄λ€μ κΈ°λ³Έ busy box μ€μΉ μ΄μμ μΆκ° μννΈμ¨μ΄ μ€μΉκ° νμν μ μμ΅λλ€.
λ¨Όμ λ€μμ /jffs/scripts/rpg-passgen.shλ‘ μμ±νκ³ μ€ν κ°λ₯νκ² λ§λμΈμ:
#!/bin/sh
FROM="[email protected]"
AUTH="[email protected]"
PASS="password"
FROMNAME="Asus Router"
TO="[email protected] [email protected]"
# default password based on date if we cannot create one elsewhere
datepasswd=`date +"%A%B%d"`
############################################################################
#
# getrandomphrase - uses a list of known phrases in a file
# - phrase needs to be min 7 chars long
# - combines this with a random number between 0 and 999
#
############################################################################
getrandomphrase () {
if [ -f /jffs/scripts/rpg-phrases.txt ]; then
phrasecount=`wc -l /jffs/scripts/rpg-phrases.txt | cut -d " " -f 1`
if [ $phrasecount == 0 ]; then
# file is empty
phrasepasswd=$datepasswd
else
randomnumber=`tr -cd 0-9 </dev/urandom | head -c 7 | sed 's/^0*//'`
if [ $randomnumber == "" ]; then
# cannot get a random number, bailing
phrasepasswd=$datepasswd
else
phrasetext=`sed -n $(( $randomnumber % $phrasecount + 1 ))p /jffs/scripts/rpg-phrases.txt`
if [ $phrasetext == "" ]; then
# blank lines in file, bailing
phrasepasswd=$datepasswd
else
if [ ${#phrasetext} -lt 7 ]; then
# phrase is too short to make a valid password
phrasepasswd=$datepasswd
else
# we have a phrase now get the three digit number
randomnumber=`tr -cd 0-9 </dev/urandom | head -c 7 | sed 's/^0*//'`
if [ $randomnumber == "" ]; then
# cannot get a random number, bailing
phrasepasswd=$datepasswd
else
phrasenum=`printf "%03d" $(( $randomnumber % 1000 ))`
phrasepasswd=$phrasetext$phrasenum
fi
fi
fi
fi
fi
else
# file does not exist
phrasepasswd=$datepasswd
fi
}
############################################################################
#
# getrandopenssl - uses openssl rand function to create a password
#
############################################################################
getrandopenssl () {
phrasepasswd=`openssl rand -base64 8`
if [ $phrasepasswd == "" ]; then
# we were unable to get something from openssl
phrasepasswd=$datepasswd
fi
}
############################################################################
#
# getpasswdme - uses passwd.me api to get random password
# - needs curl to be installed
#
############################################################################
getpasswdme () {
ping -c 1 8.8.8.8
if [ $? == 0 ]; then
phrasepasswd=`curl -k "https://passwd.me/api/1.0/get_password.txt?type=pronounceable&length=12&charset=LOWERCASEALPHANUMERIC"`
if [ $phrasepasswd == "" ]; then
# we were unable to get something from passwd.me
phrasepasswd=$datepasswd
fi
else
# no network access at this time
phrasepasswd=$datepasswd
fi
}
# Now call the function we want to use
getrandomphrase
# getrandopenssl
# getpasswdme
# log what we have done
logger -t $(basename $0) "Today's Guest1 password is :" $phrasepasswd
# nvram settings for the three guest 2.4 networks
nvram set wl0.1_wpa_psk=$phrasepasswd
nvram set wl0.2_wpa_psk=$datepasswd
nvram set wl0.3_wpa_psk=$datepasswd
# nvram settings for the three guest 5.0 networks
nvram set wl1.1_wpa_psk=$phrasepasswd
nvram set wl1.2_wpa_psk=$datepasswd
nvram set wl1.3_wpa_psk=$datepasswd
# passwords have been changed but we need to restart the wifi for it to pick them up
service restart_wireless
# now send out the email
echo "Subject: Guest network password notification" >/tmp/mail.txt
echo "From: \\"$FROMNAME\\"<$FROM>" >>/tmp/mail.txt
echo "Date: `date -R`" >>/tmp/mail.txt
echo "" >>/tmp/mail.txt
echo "Today's guest network password is : $phrasepasswd" >>/tmp/mail.txt
echo "" >>/tmp/mail.txt
cat /tmp/mail.txt | sendmail -H"exec openssl s_client -quiet \
-CAfile /jffs/configs/Equifax_Secure_Certificate_Authority.pem \
-connect smtp.gmail.com:587 -tls1 -starttls smtp" \
-f"$FROM" \
-au"$AUTH" -ap"$PASS" $TO
rm /tmp/mail.txtμ’μ 문ꡬλ₯Ό μ»μ΄ λΉλ°λ²νΈλ₯Ό μμ±ν μ μλ κ²½μ°, λ μ§λ₯Ό κΈ°λ°μΌλ‘ νλλ₯Ό μμ±νλ―λ‘ μ μ΄λ λ§€μΌ λΉλ°λ²νΈκ° λ³κ²½λλλΌλ μμΈ‘ κ°λ₯ν΄μ§λλ€! :)
μ€ν¬λ¦½νΈλ₯Ό ꡬμ±νμ¬ Gmailμ μ¬μ©νμ§λ§, ISP SMTP μλ²λ₯Ό μ¬μ©νλλ‘ μμ ν μλ μμ΅λλ€. Gmailμ /jffs/configs/μ 보μ μΈμ¦μκ° μ€μΉλμ΄ μμ΄μΌ ν©λλ€. μ΄κ²μ΄ μλ€λ©΄ λ€μ κ²μλ¬Όμ νμΈνμΈμ. μν€μ μΈκΈλ wget λͺ
λ Ήμ΄ μλνμ§ μμ΅λλ€:
[http://forums.smallnetbuilder.com/showpost.php?p=149473&postcount=95](/XIYO/asuswrt-merlin
.ng-kr)
λ€μμΌλ‘, /jffs/scripts/rpg-phrases.txtλ‘ λ€μμ μμ±νμΈμ:
greenday
alicecooper
ledzeppelin
aerosmith
ironmaiden
metallica
foofighters
blacksabbath
defleppard
μ΄ λ¬Έκ΅¬λ€μ λΉλ°λ²νΈμ κΈ°μ΄κ° λ©λλ€. μ λ λ°΄λ μ΄λ¦μ μ ννμ§λ§, μλ λ€μ μ΄λ¦μ΄λ μ₯μ λλ μνλ κ²μ μ¬μ©ν μ μμ΅λλ€. κ° λ¬Έκ΅¬κ° μ΅μ 7μ(+무μμ μ 3μ = μ΅μ κΈΈμ΄ 10μ) μ΄μμ΄κ³ λΉ μ€μ΄ μλλ‘ νμΈμ. μ¬κΈ°μ ν©λ¦¬μ μΈ μμ νλͺ©μ λ£μΌμΈμ. κ·Έλ μ§ μμΌλ©΄ μ κΈ°μ μΌλ‘ κ°μ λ¬Έκ΅¬κ° μ νλ κ²μ λλ€. μ μ μ 체 문ꡬ νμΌμ μ΄μ μ½ 70κ°λ 80κ°μ λ€λ₯Έ λ°΄λλ₯Ό ν¬ν¨νκ³ μμ΅λλ€! :)
λ§€μΌ μ€μ 4μμ μ΄ κ³Όμ μ΄ μ€νλλλ‘ /jffs/scripts/init-startμ λ€μμ μΆκ°νκ³ μ€ν κ°λ₯νκ² λ§λμΈμ:
#!/bin/sh
cru a ResetGuestPassword "0 4 * * * /jffs/scripts/rpg-passgen.sh"λ§μ§λ§μΌλ‘, λ€μ λ μ€μ 4μκΉμ§ κΈ°λ€λ¦¬μ§ μκ³ κ° λΆν
μ μ΄κ²μ΄ μ€νλλλ‘ /jffs/scripts/services-startμ λ€μμ μΆκ°νκ³ μ€ν κ°λ₯νκ² λ§λμΈμ:
#!/bin/sh
sh /jffs/scripts/rpg-passgen.shλΌμ°ν°λ₯Ό μ¬λΆν νλ©΄ μλ£λ©λλ€!
μ΄μ λν΄ μ견μ λλκ±°λ κ°μ μ¬νμ μΆκ°νκ±°λ λ¬Έμ μλ μ²μλ μ λν΄ λ Όμνκ³ μΆλ€λ©΄, μ¬κΈ°μ μ€λ λλ₯Ό λ§λ€μμ΅λλ€: