Contents
These instructions were originally made for eduroam on Ubuntu Linux, however Ubuntu released a graphical client which performed the entire page of instructions in 2 clicks of a mouse. The original instructions are hence provided as a starting point for experienced Linux users to attempt to get eduroam working on a Linux distribution for which there are no eduroam instructions currently provided. If you are a Ubuntu user, please use the graphical client instead.
We don't have the resources to create a working solution for every Linux distribution and each version of each distribution, so if you are successful, please feel free to submit the steps you used, any screenshots if using a graphical client and details of your exact distribtion to wireless@oucs.ox.ac.uk and we'll format your instructions and add them to the existing ones.
2. Linux Eduroam Command Line Instructions
This is the raw configuration required for `wpa_supplicant`, known to work under Ubuntu 6.06 LTS (a.k.a. Dapper Drake), using an Atheros chipset wireless card (the instructions were created with the `madwifi` linux driver with a Cisco Aironet PCMCIA).
Under Ubuntu the network interface configuration is stored in the file /etc/network/interfaces but this may of course be different for other Linux distributions. This is what the file must contain:
# the interface name may be different if you're not using an Atheros chipset card
# for example with the Wireless Extensions, you would use
# iface ethN inet dhcp
# wpa-driver wext
# bring the interface up automatically. remove this line to disable that.
auto ath0
# this must use DHCP for the OUCS-based Eduroam service
iface ath0 inet dhcp
# change this next line as appropriate (see above comment)
wpa-driver madwifi
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Under Ubuntu, the way this works is that the appearance of an option in `/etc/network/interfaces` that has the prefix `wpa-` triggers the execution of the script at /etc/wpa_supplicant/ifupdown.sh, and it is this script that makes everything else work -- the locking of the SSID, configuring of the card, and so on. The main system network scripts then sort out the DHCP lease, and so on.
In this setup, the `/etc/wpa_supplicant/wpa_supplicant.conf` file used with the OUCS Eduroam service contained the following:
network={
ssid="eduroam"
scan_ssid=1
key_mgmt=WPA-EAP
eap=TTLS
anonymous_identity="anonymous@ox.ac.uk"
# adjust the following CA line as required to match your filename
ca_cert="/etc/ssl/certs/GTE_CyberTrust_Global_Root.pem"
phase2="auth=MD5"
# in the following line, replace <username> with your University Remote Access account username, without angle brackets
# Remote access account is described at http://www.oucs.ox.ac.uk/network/remote/
# (not your SSO). Append @OX.AC.UK after your username so
# that eduroam knowns the authentication home site
identity="<username>@ox.ac.uk"
# in the following line, replace <password> with your University Remote Access account password, without angle brackets
password="<password>"
}
If you don't have the GTE Cybertrust Global Root certificate installed, copy this file to your system and reference that instead: http://secure.globalsign.net/cacert/ct_root.pem
Now all that is needed is to restart your system's network services. Remember to unplug your wired network cable if you want to get right on and test it
$ sudo invoke-rc.d networking restart
Following that, your wireless interface should be up and running. Check that you have a DHCP lease, at least:
ath0 ...etc...
inet addr:172.17.92.200 Bcast:172.17.92.255 Mask:255.255.255.0
...etc...
sudo iwconfig
ath0 IEEE 802.11g ESSID="eduroam"
...etc...