Randomizing guest wifi password with OpenWrt and a hacked digital photo frame

Written by Matej Drolc

Let’s implement a guest wifi with passwords that change periodically (eg. every 24hours) and via a button press. Let’s display the current password on an LCD. This comes handy when you want to provide wifi access only to clients that are physically present in your lounge for that day and prevent password leaks and massive wifi sharing to all the buildings nearby.

Prerequisites:

1. Components needed:

2. Flash the DPF with custom firmware, all details are available here

Update: I have described the procedure in detail in a blog post as well. The post can be found here

Installing the lcd4linux with DPF on OpenWrt

There are multiple options:

You can try with…

opkg update
opkg list | grep -E "dpf|lcd4linux"

And see if anything good shows up. From memory, there might be a “lcd4linux-dpf” package but at some point in time I believe that the changes were added to “lcd4linux-custom”. Doing “dpkg info lcd4linux-custom” does indeed list “libdpf” as a dependency, which is a good sign that the package will work with your hacked dpf device.

If you are less lucky and cannot get a working package, if you have an ar71xx platform device like me, then you can download a prebuilt package from here or mirror

If you are even less lucky and run a different build target then you will have to build your own package from lcd4linux and and latest dpflib. Start digging here for instructions.

Once the correct package is located, install it with the usual

opkg install path_to_package

Now, /etc/lcd4linux.config needs to be replaced with this one. The first section might need some customization to get it working but it is all self-explanatory.

The /etc/init.d/lcd4linux init script should be edited as well, the -o and -q options should be commented out.

Now lcd4linux can be run with “/etc/init.d/lcd4linux start” and that’s that.

Password reset script

A script that changes wifi password with a random value and restarts the wifi is pasted below.

/usr/bin/wifipass.sh

#!/bin/sh

KEY=$(head /dev/urandom | tr -dc "0123456789" | cut -c 1-8)

uci set wireless.@wifi-iface[0].key=$KEY
uci commit wireless

logger wifi pass changed to $KEY 

wifi

A cron job that calls this script every 24hours can now be setup (an exercise for the reader).

Button

Also it is useful if the device owner can manually trigger a password change. This can be achieved by adding the following section to /etc/config/system:

config button
    option action 'pressed'
    option button 'wps'
    option handler 'logger wps pressed, resetting wifi pass; /usr/bin/wifipass.sh'

or with uci syntax:

uci add system button    
uci set system.@button[-1].button=wps
uci set system.@button[-1].action=pressed
uci set system.@button[-1].handler='logger wps pressed, resetting wifi pass; /usr/bin/wifipass.sh'
uci commit system

To identify the desired button’s internal name and action (in this case “wps” and “pressed”), the following script should be saved as /etc/hotplug.d/button/buttons. When the button is pressed, name and action will be logged.

#!/bin/sh
logger $BUTTON
logger $ACTION

Other relevant sources

http://www.vdr-portal.de/board18-vdr-hardware/board11-lcds/p1043999-pearl-display-textskalierung-unter-lcd4linux/ http://flux242.blogspot.com/2012/02/digital-picture-frame-as-router-status.html http://sourceforge.net/p/dpf-ax/code/48/tree/ https://forum.openwrt.org/viewtopic.php?id=34133&p=3 http://forum.doozan.com/read.php?9,9915,10788,quote=1 http://picframe.spritesserver.nl/wiki/index.php/DPF_with_AppoTech_AX206