Skip to main content

Getting eduroam to work with wpa_supplicant

Having spent some not inconsiderable time trying to get my Linux based laptop to connect to the eduroam wireless network at Lancaster University I thought the nice thing to do would be to share my toils with the world. There were various other blogs and the such I drew inspiration from, but no one provided a total solution.

Now if you are using a desktop manager like Gnome or KDE the built in network-manager should do most of the magic for you, however if you want a minimal setup without relying on gui tools this may be useful to you. I use a Debian derivative on my laptop as it has better hardware support for the wireless (intel 5100). I'll assume you have the necessary packages installed as that is outside the scope of this discussion (otherwise the Debian Wiki may be a good place to start).

First off you'll need a wpa_supplicant configuration file, "/etc/wpa_supplicant/eduroam.conf" would seem to be the logical choice and mine looks just like this:

# eduroam confiuration for Lancaster University


pairwise=CCMP TKIP

Things to note here are the lack of any certificate details. Lancasters certificate can be found on their pages. I however found this unnecessary, although it did work just as well with the suitable certificate params included; which may look a bit like this:


Also note that the the epa is set to TTLS and not TKIP as suggested by lancs ISS.

The last point worth noting is that the identity includes the domain i.e. '@lancs'.

Now all that is left to do is set up the interface to use our configuration, for Debian this is in "/etc/network/interfaces" and mine looks a little like this:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

auto wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant/eduroam.conf

Now bring up your interface and you should be in business!

Other sites I drew inspiration from were:


  1. I've had similar difficulties connecting to the eduroam network, although I'm just using the Network Manager GUI. I've found I can connect to eduroam without the certificate, but not with it. <- config <- working without cert <- failing with cert

    Running Fedora 12 ( on an eeepc 1005ha.

    With the certificate it just seems to be timing out. Is it possible to extend the timeout? Maybe that's all it needs. Otherwise, I am stumped.


Post a Comment

Popular posts from this blog

Raspberry Pi A2DP Bluetooth Audio Receiver

I wanted to use a Raspberry Pi to act as a Bluetooth audio receiver or my Hi-Fi so that I could connect a phone/tablet easily to some proper speakers wirelessly. Rather than reinventing the wheel 'kmonkey' has already achieved most of what I set out to do over here ; check this out first. The only issue now is the manual intervention needed to connect up a new Bluetooth source to the output sink. I initially created a simple bash script to poll pulseaudio (every 5 seconds) and run the necessary commands as and when a new device is connected. You can see the script here and all the pertinent commands are explained over in kmonkey's blog. This is all good, but will need to be run manually using something like, # nohup ./bt_audio_attach & This is a bit rubbish and you'll be pleased to know there is a better way to get this done, UDEV! Over at the Raspbery Pi forums   there's some discussion on using UDEV scripts to automate this process entirely. Initia

Blocking Adverts from the Roku Menu

UPDATE: 18 May 2013 - A new firmware (v5) has changed the way ads are handled on the Roku such that this guide is no longer relevant.  Roku are are a pretty neat little media streaming box but one thing that I think lets them down are the trashy and mostly irrelevant adverts on the home page. Wouldn't it be great if you could get rid of these? The ads are served by the third party ad platform,  ZEDO . You can block the ads from displaying by simply blocking this domain entirely or by being more targeted and blocking the specific sub-domain serving the Roku ads. A TCPDUMP of my Roku shows that the ad images currently come from '' (although this may change). I block them by adding a custom DNS record for this sub-domain to my home router pointing to the loopback address ( There are or course many other ways you could do this, but the best way will largely depend on your own set-up and resources.

Spawning many VirtualBox machines from a single VDI

What I'm taking about here is a way to have many VirtualBox machines based upon a single hard drive image. There are many reasons why you might like to do this, but the most compelling is probably saving time by not having to install an OS over and over again, especially useful if you do anything like software testing. Our goal is a single vdi (virtual disk) file which contains a vanilla installation of our favourite OS which we can then use to conjure up a fresh new machine in a jiffy. Assuming you already have VirtualBox installed our first step is (maybe for the last time ever!) to install our OS into a new virtual machine. Now I shan't go through this as it's pretty straight forward and if you're reading this it's the sort of thing you have probably done a hundred times before. One thing of note during the initial setup is the 'Virtual Hard Disk' configuration. Be sure to allocate enough space to allow for all potential applications of the image. It