Skip to main content

Getting eduroam to work with wpa_supplicant

Having spent some not inconsiderable time trying to get my Linux based laptop to connect to the eduroam wireless network at Lancaster University I thought the nice thing to do would be to share my toils with the world. There were various other blogs and the such I drew inspiration from, but no one provided a total solution.

Now if you are using a desktop manager like Gnome or KDE the built in network-manager should do most of the magic for you, however if you want a minimal setup without relying on gui tools this may be useful to you. I use a Debian derivative on my laptop as it has better hardware support for the wireless (intel 5100). I'll assume you have the necessary packages installed as that is outside the scope of this discussion (otherwise the Debian Wiki may be a good place to start).

First off you'll need a wpa_supplicant configuration file, "/etc/wpa_supplicant/eduroam.conf" would seem to be the logical choice and mine looks just like this:

###############################################
# eduroam confiuration for Lancaster University
###############################################

ctrl_interface=/var/run/wpa_supplicant

network={
     ssid="eduroam"
     scan_ssid=1
     key_mgmt=WPA-EAP
     pairwise=CCMP TKIP
     group=CCMP TKIP
     eap=TTLS
     identity="youruniusername@lancs"
     password="password"
     phase2="auth=MSCHAPV2"
}


Things to note here are the lack of any certificate details. Lancasters certificate can be found on their pages. I however found this unnecessary, although it did work just as well with the suitable certificate params included; which may look a bit like this:

ca_cert="/path/to/certificate/eduroam.crt"


Also note that the the epa is set to TTLS and not TKIP as suggested by lancs ISS.

The last point worth noting is that the identity includes the domain i.e. '@lancs'.

Now all that is left to do is set up the interface to use our configuration, for Debian this is in "/etc/network/interfaces" and mine looks a little like this:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

auto wlan0
iface wlan0 inet dhcp
    wpa-conf /etc/wpa_supplicant/eduroam.conf


Now bring up your interface and you should be in business!

Other sites I drew inspiration from were:

http://www.lancs.ac.uk/iss/network/winet/eduroam-2.htm
http://www.eduroam.no/klient/linuxwpa.html
http://wiki.debian.org/WiFi/HowToUse#wpasupplicant
Labels:

Comments

  1. Unknown2 March 2010 at 10:59

    I've had similar difficulties connecting to the eduroam network, although I'm just using the Network Manager GUI. I've found I can connect to eduroam without the certificate, but not with it.

    http://snorf.net/eduroam/eduroam_nocrt.png <- config
    http://snorf.net/eduroam/eduroam_withoutcrt.txt <- working without cert
    http://snorf.net/eduroam/eduroam_withcrt.txt <- failing with cert

    Running Fedora 12 (2.6.31.12-174.2.22.fc12.i686) on an eeepc 1005ha.

    With the certificate it just seems to be timing out. Is it possible to extend the timeout? Maybe that's all it needs. Otherwise, I am stumped.

    ReplyDelete
  2. iliasnaftzger18 June 2022 at 13:38

    5 Tips About VGO Gambling with No Deposit
    A great way to increase your casino experience is by using 바카라사이트 the VGO casino software. There are plenty of options 온라인카지노 on offer and VGO casinos offer a wide range of options for you.

    ReplyDelete

Post a Comment

Popular posts from this blog

Moodle on Centos or Red Hat 7 (with SELinux!)

Why the need for another 'Installing Moodle' guide? Two reasons, Systemd and SELinux. The steps are presented as a Bash script, which may be run on a virgin system, installing a complete working Moodle stack in one go, including enforcing SELinux. In addition to the absolute basics it also includes adding ClamAV virus for file uploads and Memcached for sessions and 'MUC'. It does not cover any extras you will need to get your site up to production, e.g. securing your database  or updating your virus definitions automatically. Neither does it do any extra PHP configuration (upload limits, execution time etc.) or any extra complexities that might be desirable. For all of this you should goto  docs.moodle.org .
6 comments
Read more

Spawning many VirtualBox machines from a single VDI

What I'm taking about here is a way to have many VirtualBox machines based upon a single hard drive image. There are many reasons why you might like to do this, but the most compelling is probably saving time by not having to install an OS over and over again, especially useful if you do anything like software testing. Our goal is a single vdi (virtual disk) file which contains a vanilla installation of our favourite OS which we can then use to conjure up a fresh new machine in a jiffy. Assuming you already have VirtualBox installed our first step is (maybe for the last time ever!) to install our OS into a new virtual machine. Now I shan't go through this as it's pretty straight forward and if you're reading this it's the sort of thing you have probably done a hundred times before. One thing of note during the initial setup is the 'Virtual Hard Disk' configuration. Be sure to allocate enough space to allow for all potential applications of the image. It wou...
11 comments
Read more

Row a Concept2 on Zwift with a $10 Raspberry Pi!

Short story, I made a program. Instructions and download here:  https://github.com/mrverrall/go-row Despite there being an appetite for rowing in Zwift the fact is a rowing machine is not a bicycle and a Concept2 rower won't connect directly to Zwift. The Zwift gods tease a rowing release every now and again, but it's been coming 'soon' for years now. Don't hold your breath. But people do row in Zwift, so how do they do it? To get the data from the rowers computer, the PM5, into something Zwift recognises as a bicycle you need a device that translates between the rower and the device running Zwift. There are solutions already available to do this. Some are expensive like the  NPE CABLE (about £90 in the UK) and some are 'free' like the  RowedBiker  app. The downside with RowedBiker is that it needs to run on a extra device separate from the one running Zwift. If you have a compatible device lying around, great, otherwise you'll need to buy one. Meanwh...
1 comment
Read more