eduroam with wpa_supplicant

Prerequisites

The following configuration is for using eduroam without graphical user interfaces. wpa_supplicant will use a configuration file and the WLAN device will be configured through /etc/network/interfaces (optional).

This has been tested with Ubuntu Linux 14.04 LTS, command-line installation. With other distributions paths and using the package manager / package installation may vary.

In order to use WLAN with WPA on the command line at least the packages wireless-tools and wpa_supplicant must be installed.

To be able to connect to the internet after connecting to eduroam you need an active DHCP client. Please see the documentation of your distribution on how to install and configure a DHCP client.

Configuration

Add the following network block to your wpa_supplcant.conf.

network={
 ssid="eduroam"
 key_mgmt=WPA-EAP
 eap=PEAP
 ca_cert=
 identity=
 domain_suffix_match="radius1-edu.gwdg.de"
 phase2="auth=MSCHAPV2"
 password=
 anonymous_identity="eduroam@gwdg.de"
}

You have to enter the following parameters manually:

  • ca_cert: the T-Telesec Global Root certificate (For Debian and Ubuntu the Path is “/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem”)
  • identity: your username as it can be found here
  • password: the corresponding password.

in order to test the wpa_supplicant it can be launched manually as root by

  wpa_supplicant -i wlan0 -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf -d 

“wlan0” is the name of the WLAN device;

If no user name and password is supplied in the wpa_supplicant.conf file, “wpa_cli” must be launched as root on a second terminal to control wpa_supplicant. Enter the following lines to connect to eduroam:

  identity 0 <user@gwdg.de> 
  password 0 <secretpassword>