1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Setting a random password for guest wifi

Discussion in 'Asuswrt-Merlin' started by redvers, Feb 10, 2015.

  1. SullyTheUnusual

    SullyTheUnusual Occasional Visitor

    Joined:
    Mar 18, 2015
    Messages:
    14
    I found an easier way (for me) to manage my kid's WiFi access. I enable/disable guest networks via a small script that my wife and I can run from a term app on our phones. The networks then automatically turn off via a cron set to run in the evening. This way, they don't have to "forget the network" and retype a password every day. Also, if I want to turn off their WiFi at some point during the day, I just run the script with "off" as an argument instead of "on".

    Code:
    #/bin/sh
    
    # Turn on/off kid's wifi for 16 hours
    
    if [ $1 = "on" ]; then
       nvram set wl0.1_bss_enabled=1
       nvram set wl0.1_expire_tmp=57600 
       service restart_wireless
    elif [ $1 = "off" ]; then
       nvram set wl0.1_bss_enabled=0
       nvram set wl0.1_expire_tmp=0
       service restart_wireless
    else
       echo "Invalid parameter!  Acceptable parameters are ON or OFF"
    fi
    
     
    redvers likes this.
  2. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    Hi All
    Just a couple of questions.
    **Has anyone managed to get this script to work via yahoo.com (or is everyone using gmail)??
    **If i wanted to set 2 passwords (random password for guest 1 network and random password for guest 2 network), would i need to run two scripts??
    Please note that i dont want guest 1 and guest 2 networks to have the same random password

    Thank You
     
  3. redvers

    redvers Regular Contributor

    Joined:
    Jan 25, 2015
    Messages:
    63
    Can't answer the Yahoo question, but you could call two different functions (or the same one twice) and set different passwords from within the same script execution...
     
    mad_daddy likes this.
  4. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    Brilliant, Thanks for the quick reply @redvers
    Cant wait to play with this script :)
     
  5. redvers

    redvers Regular Contributor

    Joined:
    Jan 25, 2015
    Messages:
    63
    I think the relevant lines are included but commented out; if you need any more help just holler :)
     
    mad_daddy likes this.
  6. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    Sorry to trouble you guys but looking at the scripts, i guess i'm supposed to amend the new-password.sh (from V1.01 script)?? but i can see wl0.1 and wl1.1 this is the first guest network (2.4 and 5.0) but i need to amend this script for Guest 1 and Guest 2 (wl0.1 and wl1.1 and wl0.2 and 1.2).
    Could someone point me to where i can amend this please??
    Or shall i create a second new-password.sh (eg new-password2.sh) and enter the 2nd guest settings on this??
     
    Last edited: Jun 5, 2016
  7. redvers

    redvers Regular Contributor

    Joined:
    Jan 25, 2015
    Messages:
    63
    Tweak the script using the following :


    # Now call the function we want to use

    getrandomphrase

    # getrandopenssl

    # getpasswdme

    guest1pass=$phrasepasswd

    # Call function again for Guest 2 network

    getrandomphrase
    guest2pass=$phrasepasswd


    # log what we have done
    logger -t $(basename $0) "Today's Guest1 password is :" $guest1pass

    logger -t $(basename $0) "Today's Guest2 password is :" $guest2pass

    # nvram settings for the three guest 2.4 networks
    nvram set wl0.1_wpa_psk=$guest1pass
    nvram set wl0.2_wpa_psk=$guest2pass
    nvram set wl0.3_wpa_psk=$datepasswd

    # nvram settings for the three guest 5.0 networks
    nvram set wl1.1_wpa_psk=$guest1pass
    nvram set wl1.2_wpa_psk=$guest2pass
    nvram set wl1.3_wpa_psk=$datepasswd

    # passwords have been changed but we need to restart the wifi for it to pick them up
    service restart_wireless
     
    mad_daddy likes this.
  8. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    Thanks @redvers
    Will try the script tonight and let you know the outcome.
    Thanks for all your hard work, it's appreciated
     
  9. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    Hi @redvers
    Your script worked brilliantly!!!!!

    There is however one change i made.

    When the email was being sent, only one network password was being out, so i amended the script to:
    # now send out the email
    echo "Subject: Guest network password notification" >/tmp/mail.txt
    echo "From: \\"$FROMNAME\\"<$FROM>" >>/tmp/mail.txt
    echo "Date: `date -R`" >>/tmp/mail.txt
    echo "" >>/tmp/mail.txt
    echo "Today's guest network 1 password is : $guest1pass" >>/tmp/mail.txt
    echo "Today's guest network 2 password is : $guest2pass" >>/tmp/mail.txt
    echo "" >>/tmp/mail.txt


    These two lines allowed both passwords to be sent:
    echo "Today's guest network 1 password is : $guest1pass" >>/tmp/mail.txt
    echo "Today's guest network 2 password is : $guest2pass" >>/tmp/mail.txt

    Thank you for such a fantastic script!!!!
     
    Last edited: Jun 6, 2016
  10. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11
    Hello mad_daddy,

    I have your script running on 380.59 firmware, i have executed the main script rpg-passgen.sh and email works, wireless gets new password, however, it does not stick... the "service restart_wireless" may not be functioning... just a guess... any suggestions?
     
  11. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11
    Addendum: When I save the modified settings for Guest Wifi, through the web interface, the updated password showing does stick...
     
  12. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    @Lucrecious
    Did you get the script fully working?
    Did you also create the init-start script as well?
    Also any problems please post here.
     
  13. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11
    Here is what I have for "init-start":

    #!/bin/sh
    cru a ResetGuestPassword "0 4 * * * /jffs/scripts/rpg-passgen.sh"

    The term "ResetGuestPassword" should that be renamed to reflect the name for the Asus Router?

    I did run into this issue with the "rpg-passgen.sh" file wherein:

    FROMNAME="MustUseCustomRouterName"

    I resolved this issue by entering the name for my Router, removing "Asus Router".

    When i run the "rpg-passgen.sh", it does the job of changing the Guest Wifi passwords, and, I do get an email from a GMail account setup to notify.

    With the Router Page open I can see the new random password applied to both 2.4 and 5 G Guest networks, however, when attempting to connect with the password showing it does not work until I access the parameters and then save them, without changing anything. So, the passwords are populating the fields, they are the same as the email received, however it does not seem to be restarting the Wireless on the Router from here (of course, this is just my guess):

    service restart_wireless

    Should the above line reflect a custom name for the Router?

    I am running the script from within SCP with no errors, and the results seem to be almost complete except for the stickiness of the Guest Wifi Password...

    I also have this for "services-start" in the scripts folder:

    #!/bin/sh
    sh /jffs/scripts/rpg-passgen.sh

    Any thoughts?
     
  14. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11

    In addition, I have executed both "services-start" as well as "init-start" from SCP and receive a 127 error... undefined...

    This was an error I had executing "rpg-passgen.sh" prior to changing the FROMNAME variable as shown above...

    FYI, not certain if this aids in a resolution...
     
  15. mad_daddy

    mad_daddy Occasional Visitor

    Joined:
    Jun 10, 2013
    Messages:
    19
    @Lucrecious
    **Your init-start script is fine (ResetGuestPassword can be named anything, its for your reference)

    **i didnt bother with the services-start script. As everytime the router reboots, it generates a new password and can potentially annoy users.
    I find one random password a day is enough

    **Regarding the rpg-passgen.sh script, I changed the 'From', 'Auth', 'Pass' with my gmail login.
    The 'Fromname' i changed to my router nickname (this can be changed to anything).
    The 'To' field i changed to my email address i wanted to receive the email on and finally the last change i did to my file was the ones noted above.

    service restart_wireless is a command, this forces the wireless to restart and for the changes to take effect

    Do you have any other scripts running on the router??

    If you are receiving errors when running your scripts, then try to recreate them using winscp, there shouldn't be any errors when executing the scripts
     
    Last edited: Jun 20, 2016
  16. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11


    Hello,

    Well all is working as it ought to, save for the wireless password "sticking".

    The script ran last night on schedule, the email was received.

    The updated password did no work, however, I did confirm that it appears correctly within the Guest Wireless section.

    The only way I am able to have the updated password work is to open the Guest Wireless page and "Save Changes".

    I confirmed on reboot of the router that the Guest Wireless Password will revert back to the most recent manually saved password even though the field shows it updated by way of the script.

    I am wondering if this may be a change to the Firmware in the version I am using. Perhaps "admin" credentials can be added to the script, or, there is a way to encode a "Saved Changes" to the Guest Wireless parameters.

    I did confirm that the script does restart the wireless, the lights went out and turned back on for the wireless as the script was running, however, this does not seem to make the changes stick in this firmware version.

    Any thoughts?
     
  17. redvers

    redvers Regular Contributor

    Joined:
    Jan 25, 2015
    Messages:
    63
    What happens when you ssh in and type "service restart_wireless" ?
     
  18. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11
    The wireless lights go out and back on. So... it works, however, the Guest password is still not working to connect.

    It only seems to work when I access the webpage, open the Guest Network, click on the settings to open the modify page and then save the page without changing anything... perhaps a bug in firmware 380

    I did try another method, setting UID and GID permissions within WinSCP, to no avail... will also add Sticky bit and let you know the results...

    Pretty frustrating... the last thing to do will be to revert to an earlier firmware version and start all over... or, perhaps restoring saved settings and see if it is a firmware versioning issue...
     
  19. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11

    Okay, now I have changed the UID GID and Sticky bit within WinSCP, in case there were permission issues, and have now confirmed that the updated Guest Wireless password, appearing correctly within the webpage, reverts back to the most recently "Save Changes" Guest Wireless password when rebooting the router.

    So... the Guest Wireless does update, the issue is that it appears correct within the router web interface, BUT, does not "STICK" until the changes are saved therein.

    Restarting the Wireless within firmware 380 does not make the password "STICK".

    I am out of options, any ideas?
     
  20. Lucrecious

    Lucrecious Occasional Visitor

    Joined:
    Jun 19, 2016
    Messages:
    11

    The Router is set in AP Mode, however, it was behaving the same way in Wireless Router mode...