Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
en:services:network_services:eduroam:linux_wpa_supplicant [2015/10/22 17:19] – [Prerequisites] sklamten:services:network_services:eduroam:linux_wpa_supplicant [2022/04/20 13:37] (current) – [iwd] fketten
Line 1: Line 1:
 +====== eduroam with wpa_supplicant or iwd ======
  
 +
 +
 +=======wpa_supplicant=======
 +=====Prerequisites=====
 +The following configuration is for using eduroam without graphical user interfaces. [[https://help.ubuntu.com/community/Network802.1xAuthentication|wpa_supplicant]] will use a configuration file and the WLAN device will be configured through /etc/network/interfaces (optional).
 +
 +This has been tested with Ubuntu Linux 14.04 LTS, command-line installation. With other distributions paths and using the package manager / package installation may vary.
 +
 +In order to use WLAN with WPA on the command line at least the packages [[http://packages.ubuntu.com/lucid/wireless-tools|wireless-tools]] and wpa_supplicant must be installed.
 +
 +To be able to connect to the internet after connecting to eduroam you need an active DHCP client.  Please see the documentation of your distribution on how to install and configure a DHCP client.
 +=====Configuration=====
 +Add the following //network// block to your wpa_supplcant.conf.
 +
 +  network={
 +   ssid="eduroam"
 +   key_mgmt=WPA-EAP
 +   eap=PEAP
 +   ca_cert=
 +   identity=
 +   altsubject_match="DNS:eduroam.gwdg.de"
 +   phase2="auth=MSCHAPV2"
 +   password=
 +   anonymous_identity="eduroam@gwdg.de"
 +  }
 +
 +You have to enter the following parameters manually:
 +  * ca_cert: the  T-Telesec Global Root certificate (For Debian and Ubuntu the Path is "/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem")
 +  * identity: your username as it can be found [[start#username|here]]
 +  * password: the corresponding password.
 +in order to test the wpa_supplicant it can be launched manually as root by
 +
 +    wpa_supplicant -i wlan0 -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf -d 
 +
 +"wlan0" is the name of the WLAN device;
 +
 +If no user name and password is supplied in the wpa_supplicant.conf file, "wpa_cli" must be launched as root on a second terminal to control wpa_supplicant. 
 +Enter the following lines to connect to eduroam:
 +
 +    identity 0 <user@gwdg.de> 
 +    password 0 <secretpassword> 
 +    
 +=======iwd=======
 +Please use the following configuration tempate. Replace the identity and password accordingly.
 +Please note that the path to the certificate may differ by distribution.
 +
 +
 +  [Security]
 +  EAP-Method=PEAP
 +  EAP-Identity=eduroam@gwdg.de
 +  EAP-PEAP-CACert=/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem
 +  EAP-PEAP-Phase2-Method=MSCHAPV2
 +  EAP-PEAP-Phase2-Identity=user-name@uni-goettingen.de
 +  EAP-PEAP-Phase2-Password=password
 +  EAP-PEAP-ServerDomainMask=eduroam.gwdg.de
 +
 +  [Settings]
 +  AutoConnect=True
 +
 +
 +Take note that - using this configuration - your password is saved in on your system in an unencrypted. You should take the appropriate measures to prevent that from causing any harm (i.e. change the user of the configuration file to root and change the read permissions to root only).