Note that it resides by default in <tt>/usr/sbin</tt>.
<tt>wpa_gui</tt> is a graphical frontend where you can add, remove, diagnose and change wireless networks with <em>almost</em> as much functionality as <tt>wpa_cli</tt>.
</p>
+
+ <h2><tt>eduroam</tt></h2>
+ <p>
+ Eduroam gives a nice configuration assistant tools nowadays that will generate a <tt>wpa_supplicant.conf</tt> entry for you.
+ Previously you could hash your password using md4 but I haven't tested whether this still works.
+ </p>
+
+ <h3>update: cat broken</h3>
+ The tool worked before™ but not anymore on my debian testing version.
+ Therefore I've pasted my config here for later reference.
+ You get the <tt>ca_cert</tt> from the assistant tool.
+ I might upload that here as well.
+ <pre>
+network={
+ ssid="eduroam"
+ proto=RSN
+ key_mgmt=WPA-EAP
+ pairwise=CCMP
+ auth_alg=OPEN
+ eap=PEAP
+ identity="YOURUSERNAME@ru.nl"
+ anonymous_identity="anonymous@ru.nl"
+ password="YOURPASSWORD"
+# ca_cert="/home/frobnicator/.cat_installer/ca.pem"
+ domain_suffix_match="authenticatie.ru.nl"
+ phase2="auth=MSCHAPV2"
+}
+ </pre>
+ </p>
+
+ <h2><tt>openssl update</tt></h2>
+ <p>
+ The new version of openssl disables everything lower than TLSv1.2.
+ If you see errors in <tt>/var/log/syslog</tt> about <tt>TLS</tt> you have to allow lower version TLS versions by changing the last two lines in <tt>/etc/ssl/openssl.cnf</tt> to:
+ <pre>
+MinProtocol = TLSv1.0
+CipherString = DEFAULT@SECLEVEL=1
+ </pre>
+ </p>
</body>
</html>