University of Minnesota
Computer Science & Engineering Help Pages
/
Home » Network and Wireless » Linux WPA

Linux WPA

These instructions assume that you are running Ubuntu 6.06 or newer. Fedora Core 5 users can also use these instructions by first installing NetworkManger.

If you do not see a network icon near your power information in gnome, you’ll need to install network–manager–gnome. After installing the package, log out, log back in, and network manager should appear. For Network Manager to work, you’ll want to edit /etc/network/interfaces and comment out all ‘auto’ configuration directives that do not reference ‘lo’.

Next, left click on the network manager icon and choose “Connect to other wireless network...”. Then, enter “EECS-WPA” for the network name and choose “WPA Enterprise” for wireless security. The dialog box will change to look like the one below. Enter the username given by the wireless access tool in the identity text entry box. Enter the password in the password text entry box. Lastly, choose CA Certificate File and choose /etc/ssl/certs/Thawte_Premium_Server_CA.pem. Click connect to attempt a connection.

screen shot of Connect to Other Wireless Network window

If you're using a newer version of Ubuntu, make sure Authentication is set to PEAP. Anonymous identity can be blank, PEAP version is Automatic, and Inner authentication is MSCHAPv2.

screen shot of Connect to Other Wireless Network window for Updated Linux Systems

Advanced Instructions

If you are using wpa_supplicant directly, this configuration should help you configure your wireless connection. Since there are many ways to install and configure wireless networking on Linux, we will not provide user support for this method –– only the NetworkManager method. 


network={
    ssid="EECS-WPA"
    proto=WPA
    key_mgmt=WPA-EAP
    pairwise=CCMP
    eap=PEAP
    identity="user-cs"
    password="password"
    ca_cert="/etc/ssl/certs/Thawte_Premium_Server_CA.pem"
    subject_match="CN=wireless.cs.umn.edu"
    phase2="auth=MSCHAPV2"
}

Your location of the Thawte_Premium_Server_CA.pem file may vary. If you are using a Debian-based OS, you may have to install the “ca–certificates” package. Otherwise, you can download the file at the thawte Root Certificates Download page. Unzip the file and and copy “Thawte Server Roots/ThawtePremiumServerCA_b64.txt” to somewhere on the root drive and make it world-readable. Point ca_cert to
this file.

Contact: 1-213 Keller Hall, 200 Union St SE, Minneapolis, MN 55455   Phone: (612) 625-0876   Email: operator@cs.umn.edu