2. Linux Eduroam Command Line Instructions

This is the raw configuration required for `wpa_supplicant`, known to work under Ubuntu 6.06 LTS (a.k.a. Dapper Drake), using an Atheros chipset wireless card (the instructions were created with the `madwifi` linux driver with a Cisco Aironet PCMCIA).

Under Ubuntu the network interface configuration is stored in the file /etc/network/interfaces but this may of course be different for other Linux distributions. This is what the file must contain:

# the interface name may be different if you're not using an Atheros chipset card
# for example with the Wireless Extensions, you would use
# iface ethN inet dhcp
#     wpa-driver wext
# bring the interface up automatically. remove this line to disable that.
auto ath0
# this must use DHCP for the OUCS-based Eduroam service
iface ath0 inet dhcp
    # change this next line as appropriate (see above comment)
    wpa-driver madwifi
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

Under Ubuntu, the way this works is that the appearance of an option in `/etc/network/interfaces` that has the prefix `wpa-` triggers the execution of the script at /etc/wpa_supplicant/ifupdown.sh, and it is this script that makes everything else work -- the locking of the SSID, configuring of the card, and so on. The main system network scripts then sort out the DHCP lease, and so on.

In this setup, the `/etc/wpa_supplicant/wpa_supplicant.conf` file used with the OUCS Eduroam service contained the following:

network={
    ssid="eduroam"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=TTLS
    anonymous_identity="anonymous@ox.ac.uk"
    # adjust the following CA line as required to match your filename
    ca_cert="/etc/ssl/certs/GTE_CyberTrust_Global_Root.pem"
    phase2="auth=MD5"
    # in the following line, replace <username> with your University Remote Access account username, without angle brackets
    # Remote access account is described at http://www.oucs.ox.ac.uk/network/remote/ 
    # (not your SSO). Append @OX.AC.UK after your username so
    # that eduroam knowns the authentication home site
    identity="<username>@ox.ac.uk"
    # in the following line, replace <password> with your University Remote Access account password, without angle brackets
    password="<password>"
}

If you don't have the GTE Cybertrust Global Root certificate installed, copy this file to your system and reference that instead: http://secure.globalsign.net/cacert/ct_root.pem

Now all that is needed is to restart your system's network services. Remember to unplug your wired network cable if you want to get right on and test it

$ sudo invoke-rc.d networking restart

Following that, your wireless interface should be up and running. Check that you have a DHCP lease, at least:

sudo ifconfig

ath0    ...etc...
        inet addr:172.17.92.200 Bcast:172.17.92.255 Mask:255.255.255.0
...etc...
sudo iwconfig
ath0    IEEE 802.11g  ESSID="eduroam"
...etc...

Up: Contents Previous: 1. Introduction