Home | Sitemap | deutsch  | Legals | KIT

Linux

WLAN configuration

Connecting to KIT and eduroam

The following shows how to connect to KIT. To connect to eduroam simply replace all occurrences of KIT with eduroam.

The T-TeleSec GlobalRoot Class 2 certificate is required. It is included in the debian/ubuntu package ca-certificates and can be downloaded here. The installed certificate can be found in the file /etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem.

You can either use the Network Manager, a graphical user interface for wpa_supplicant, or wpa_supplicant itself.

Network Manager

Choose the network KIT in the Network Manager [figure 1]. Configure the settings and click on "Connect" [figure 2].

  • Wireless security: WPA & WPA Enterprise
  • Authentication: Tunneled TLS
  • Anonymous identity: anonymous@kit.edu
  • Domain: radius-wlan.scc.kit.edu (option is missing in older versions of Network Manager)
  • CA certificate: /etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem
  • Inner authentication: PAP
  • Username: your KIT account (e.g. ab1234@kit.edu or uxxxx@kit.edu)
  • Password: your password
Figure 1: Network Manager
Figure 1: Network Manager
Figure 2: Configuration
Figure 2: Configuration

 

wpa_suppliant

If you want to use wpa_supplicant without a gui, enter in the configuration file:

network={
ssid="KIT"
key_mgmt=WPA-EAP
pairwise=CCMP TKIP
group=CCMP TKIP
eap=TTLS
phase2="auth=PAP"
anonymous_identity="anonymous@kit.edu"
identity="ab1234@kit.edu"
password="password"
ca_cert="/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem"
altsubject_match="DNS:radius-wlan.scc.kit.edu"
}

More information on wpa_supplicant can be found in the archlinux wiki.