Unfortunately, we haven't found a workaround in Python (other than using crypt, which will be deprecated in Python version 3.13) to generate secrets that are accepted by the authentication function of OPNsense Core. Consequently, we are using crypt as a PHP function to create secrets:
This issue serves as a reminder that, sooner or later, OPNsense Core will deprecate Crypt as well, and we will need to update our _generate_hashed_secret accordingly.
While developing the system_access_users module, we noticed that OPNsense Core uses Crypt to create API key secrets, as seen here:
https://github.com/opnsense/core/blob/dc80b7a019e7fc6e8e03a9df72b3d9b5f9d499c7/src/opnsense/mvc/app/library/OPNsense/Auth/API.php#L95
Unfortunately, we haven't found a workaround in Python (other than using crypt, which will be deprecated in Python version 3.13) to generate secrets that are accepted by the authentication function of OPNsense Core. Consequently, we are using crypt as a PHP function to create secrets:
_generate_hashed_secret
This issue serves as a reminder that, sooner or later, OPNsense Core will deprecate Crypt as well, and we will need to update our _generate_hashed_secret accordingly.