From aa76206ad38b5491688c0885799bce89c0537911 Mon Sep 17 00:00:00 2001 From: Mart Lubbers Date: Mon, 5 Nov 2018 10:09:49 +0100 Subject: [PATCH] Patch for eduroam ru --- index.html | 4 ++-- nonm.html | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 4085507..8991b2d 100644 --- a/index.html +++ b/index.html @@ -171,7 +171,7 @@

Tutorials or manuals

@@ -196,6 +196,6 @@

Valid XHTML 1.0 Strict

Best viewed with a screen resolution >= 640x480 or >=80x24 text mode in one of these browsers.

The source of this website can be found here

-

Last updated: 2018-10-22

+

Last updated: 2018-11-05

diff --git a/nonm.html b/nonm.html index 5baa473..55096e1 100644 --- a/nonm.html +++ b/nonm.html @@ -79,5 +79,44 @@ update_config=1 Note that it resides by default in /usr/sbin. wpa_gui is a graphical frontend where you can add, remove, diagnose and change wireless networks with almost as much functionality as wpa_cli.

+ +

eduroam

+

+ Eduroam gives a nice configuration assistant tools nowadays that will generate a wpa_supplicant.conf entry for you. + Previously you could hash your password using md4 but I haven't tested whether this still works. +

+ +

update: cat broken

+ The tool worked before&tm; but not anymore on my debian testing version. + Therefore I've pasted my config here for later reference. + You get the ca_cert from the assistant tool. + I might upload that here as well. +
+network={
+	ssid="eduroam"
+	proto=RSN
+	key_mgmt=WPA-EAP
+	pairwise=CCMP
+	auth_alg=OPEN
+	eap=PEAP
+	identity="YOURUSERNAME@ru.nl"
+	anonymous_identity="anonymous@ru.nl"
+	password="YOURPASSWORD"
+#	ca_cert="/home/mrl/.cat_installer/ca.pem"
+	domain_suffix_match="authenticatie.ru.nl"
+	phase2="auth=MSCHAPV2"
+}
+		
+

+ +

openssl update

+

+ The new version of openssl disables everything lower than TLSv1.2. + If you see errors in /var/log/syslog about TLS you have to allow lower version TLS versions by changing the last two lines in /etc/ssl/openssl.cnf to: +

+MinProtocol = TLSv1.0
+CipherString = DEFAULT@SECLEVEL=1
+		
+

-- 2.20.1