Using eduroam on Linux installations without NetworkManager

It is possible to use eduroam networks on Linux distributions that do not use NetworkManager to connect to wireless networks.

What is eduroam? #

eduroam is a network of academical institutions over the world that enables wireless internet connection for any student, researcher or educator that studies or works in a member institution.

Typically what you would find is a WiFi SSID of the hosting country (i.e. unitn-x in Università di Trento) and a parallel SSID called eduroam. If properly configured, the network should easily connect automatically.

Typically eduroam networks have:

What is eduroam CAT #

eduroam CAT means Configuration Assistant Tool, and can be downloaded from the eduroam CAT webpage. It is available for MS Windows, Mac OS, Linux, Chrome OS, Android or by getting the raw EAP config.

Configuring eduroam without NM #

Unfortunately, on Linux the automatical config works only for those distros that have NetworkManager, i.e. Debian, Ubuntu, Fedora, etc.

Other distros, such as ArchLinux, do not use NetworkManager as default manager for wireless connection: for example Arch uses netctl, and this example will be based on that.

  1. First of all, download the eduroam CAT installer
  2. Run the Python script by running python eduroam-linux-nameofinstitution.py
  3. Follow the instructions. You will be asked your username, then to enter your password twice.
  4. Once you have inserted the data, the software will tell you that NetworkManager has not been found, so it will save the data as a wpa_supplicant config text. Confirm that.
  5. By default, the program will install the config file and the certificate in the $XDG_CONFIG_HOME folder. If the environment variable is not set, the $HOME/.config folder will be used.
  6. Under the config folder, a new cat_installer folder will be created. Look into that folder, check whether ca.pem and cat-installer.conf are there.
  7. If you are using ArchLinux and netctl, you can copy and paste the section between curly brackets directly in the WPAConfigSection of a netctl profile (a text file saved in the /etc/netctl folder; its filename will be used as profile name, so to start the profile you should issue the following command: sudo netctl start profile_name). Remember only to wrap each line of the WPAConfigSection with quotes. See for example:
Description='Profile for the eduroam network'
Interface=wlan0
Connection=wireless
Security=wpa-configsection
ESSID=eduroam
IP=dhcp
WPAConfigSection=(
    'ssid="eduroam"'
    'key_mgmt=WPA-EAP'
    'pairwise=CCMP'
    'group=CCMP TKIP'
    'eap=PEAP'
    'ca_cert="/home/user/.config/cat_installer/ca.pem"'
    'identity="user@institution.edu"' 
    'altsubject_match="DNS:asd1.institution.edu"'
    'phase2="auth=MSCHAPV2"'
    'password="password"'
)

Remember to check the permissions to the profile, because in this case the password will be saved in a readable format. Refer to the ArchWiki page for more details.

Hope this will be useful for you!

 
0
Kudos
 
0
Kudos

Now read this

Intervento alla VI Assemblea del Dipartimento di Fisica UniTrento

Riporto l'intervento che ho fatto assieme ai miei colleghi rappresentanti (Zeno Bacciconi, Edoardo Battiti, Francesco Codagnone, Valentina Danieli e Mirco Guerrini) durante la VI Assemblea del Dipartimento di Fisica all'Università di... Continue →