Translations of this page:

HRZ-Wiki

User Tools

Site Tools

Trace: Linux

Sidebar

Hochschulrechenzentrum

Topics

Servicegroups

en:tp:wi-fi:linux

Table of Contents

Linux

Certificates

Current Linux distributions already have the necessary CA-certificates integrated into their operating system. Therefore you can usually go straight into the following configuration of the wifi.

In case you use an older version, the necessary certificates can be accessed the easiest by downloading them from existing network access. You should save them in /etc/ssl/certs/.

Linux-Gnomes

Configuration

Upper right toolbar: WLAN / Wireless Network Settings / Visible Networks: eduroam

  • Security of the Wireless Network: WPA & WPA2 Enterprise
  • Legitimisation: Protected EAP (PEAP)
  • Anonymous Identity: anonymous@hs-woe.de
  • Domain: hs-woe.de
  • CA-Certificate:
    • Andere Orte → Rechner → etc → ssl → certs:
      • selsct ca-bundle.crt (/etc/ssl/certs/ca-bundle.crt).
      • If not existent, select a CA-certificate depending on the location:
        • Deutsche_Telekom_Root_CA_2.pem (/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem) or
        • T-TeleSec_GlobalRoot_Class_2.pem (/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem)
  • PEAP-Version: Atomated
  • Internal Legitimisation: MSCHAPv2
  • Username: Domain Login (Form: ma1150@hs-woe.de)
  • Password: <Your Password>
  • Connect

Raspbian

No network manager is allowed to be active for the following instruction because they do not act jointly with wpa_supplicant!

Following files and parameters need to be configured for an eduroam access:

  • /etc/network/interfaces
auto wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
 wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

Afterwards, the file indicated in advance needs to be configured under: /etc/wpa_supplicant/ :

  • /etc/wpa_supplicant/wpa_supplicant.conf
network={
ssid="eduroam"
group=CCMP
pairwise=CCMP
key_mgmt=WPA-EAP
eap=PEAP
identity="ab1234@hs-woe.de"
anonymous_identity="anonymous@hs-woe.de"
password="passwort"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
# For locations in ELS/OL
ca_cert="/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem"
# For locations in WHV and OL-MR-building
ca_cert="/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem"
}

Under “identity” the applicable user@hs-woe.de needs to be registered. The corresponding passwords have to be typed in under “password”.

After a restart of the Raspberry Pi, a connection to eduroam should be established automatically.

Page Tools