This article provides information on how Linux can be connected to the UC Berkeley Campus eduroam WiFi network. Due to the variety of Linux distributions and graphical interface choices it is not possible to cover all methods of configuration. This guide only provides the core information necessary for an individual to configure the system themselves.
Notes:
- Linux is a useful and welcome operating system at UC Berkeley but because of the vast differences between versions and distributions we are not able to provide assistance with connectivity issues
- Several users have reported to CSS-IT that if "Tunneled TLS" is enabled, it can cause problems accepting the CA certificate. If you have this setting enabled, try disabling it.
Before you Begin
- Forget the CalVistor and airbears2 networks from your remembered WiFi networks list
- Create your WiFi Key
- If you have not yet created a WiFi key, navigate to Berkeley Portal WiFi account management and follow the prompts.
- Instructions can be found here: Creating a WiFi Key and Managing WiFi Keys
Linux WiFi Configuration Options
Linux distributions can be configured using the graphical user interface (GUI) or from the command line.
Connecting Linux to eduroam from the GUI
1. Open the wireless network browser (the following are some example methods from known platforms)
- Click on the WiFi icon in the system status bar
- Open the Network configuration tool and then Wireless
- Open the System Settings tool, Select Network and then the wireless adapter
It may take a few moments for your computer to identify and list all available wireless networks
2. Select eduroam from the list of available wireless networks
3. You will be prompted to authenticate to the wireless network, fill out the appropriate information and then click Ok, Save, Join, Continue, or whatever acknowledgement button there may be.
The following are are many of the common configuration options. Some may only be accessible by choosing advanced configuration and some may not be listed as an option.
- EAP Method: PEAP
- Phase 2 Authentication: MSCHAPv2
- CA Certificate: Do Not Validate or Use System Certificate
- Online Certificate Status: Do Not Validate
- Validate Certificate: Deselected or No
- Domain: berkeley.edu
- Identity: your eduroam WiFi ID (example jtsmith@berkeley.edu)
- Anonymous Identity: leave this blank
- Password: your eduroam WiFi Key
- Connect Automatically: Selected or Yes
4. You should now be able to connect to the eduroam network, if you are unable to connect you can check syslog for any errors that need to be addressed.
Connecting Linux to eduroam using the WPA Supplicant
1. Change to the /etc/wpa_supplicant directory
2. With superuser privileges crea a configuration file for eduroam using your preferred text editor, this example will use eduroam_wifi.conf
linux:~$ sudo vi eduroam_wifi.conf
3. Populate the file with the following template
# eduroam wifi configuration
# NOTE: command to connect as following:
# wpa_supplicatn -i wlan0 -c /etc/wpa_supplicant/eduroam_wifi.conf
network={
ssid="eduroam" scan_ssid=1
key_mgmt=WPA-EAP
identity="{wifiid}@berkeley.edu"
password=hash:{wifikey-hash}
eap=PEAP
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
4. Replace {wifiid}@berkeley.edu with your WiFi Key username
5. To protect your password use a separate window run the following command replacing WIFIKEY with your WiFi Key
echo -n 'WIFIKEY' | iconv -t utf16le | openssl md4
6. Replace {wifikey-hash} in the configuration file with the output (no spaces, no quotes) from the previous command
7. Save the file and exit from the editor
8. You can now test connecting to eduroam with the following command
wpa_supplicatn -i wlan0 -c /etc/wpa_supplicant/eduroam_wifi.conf
9. You should now be able to connect to the eduroam network, if you are unable to connect you can check syslog for any errors that need to be addressed.