Manually Connect to WPI Wireless Using Linux

How to manually connect your Linux device to the WPI Wireless network.

Instructions - Manual Configuration

  1. Make sure your computer's clock is set to the correct local date and time.
  2. Find your Linux system's wireless MAC address.
  3. Make sure your Linux system's wireless MAC address is registered through WPI Network Registration.
  4. Install wpa_supplicant.
  5. note:

    Many Linux distributions (e.g. Ubuntu, or Raspbian for Raspberry Pi) ship with this utility already, so check before downloading separately

  6. Using a Mac or PC that is already on the Internet, download your certificates using the Connecting a Device which is Unsupported by CloudPath to the Wireless Network instructions.
  7. Copy the two certificate files to a convenient location for storing certificates, such as /etc/pki/tls/certs.
  8. Protect the security of your WPI credentials!
    • Option #1: Make the configuration and your wireless user certificate files only readable by root:
    • chown root:root /etc/wpa_supplicant.conf
            /etc/pki/tls/certs/WPI-Wireless*.pem
            chmod 600 /etc/wpa_supplicant.conf /etc/pki/tls/certs/WPI-Wireless*.pem
    • Option #2: Change the passphrase so that it does not use your WPI credentials:
    • openssl pkcs12 -in Certificates.p12 -out temp.pem -passin pass:CURRENTPASSWORD -passout pass:TEMPPASSWORD
            openssl pkcs12 -export -in temp.pem -out Certificates-final.p12 -passin pass:TEMPPASSWORD -passout pass:FINALPASSWORD
            rm -rf temp.pem
  9. Configure /etc/wpa_supplicant.conf as follows, filling in the proper paths and filenames to the downloaded certificate files and entering either your WPI password if you used Option #1 above or your new password if you used Option #2 above.
  10. network={
                ssid="WPI-Wireless"
                key_mgmt=WPA-EAP
                proto=WPA2
                pairwise=CCMP
                group=CCMP
                eap=TLS
                identity="YOUR_WPI_EMAL_ADDRESS"
                ca_cert="/etc/pki/tls/certs/CA-LONG-STRING-OF-CHARACTERS.pem"
                client_cert="/etc/pki/tls/certs/certificate.p12"
                private_key="/etc/pki/tls/certs/certificate.p12"
                private_key_passwd="YOUR_PASSWORD"
        }
  11. Start wpa_supplicant with the configuration file and wireless network interface name. You may also need to pass the driver type, e.g.:
  12. wpa_supplicant -c /etc/wpa_supplicant.conf -i ath0 -D madwifi
    
        The output from wpa_supplicant should look something like this:
    
        l2_packet_receive - recv: Network is down
        Trying to associate with 00:0b:0e:0f:87:41 (SSID='WPI-Wireless' freq=5180 MHz)
        Associated with 00:0b:0e:0f:87:41
        WPA: Key negotiation completed with 00:0b:0e:0f:87:41
    
    
        Start your DHCP client on the wireless network interface, e.g.:
    
        /sbin/dhclient ath0
    

Audience

FacultyStaffStudents

WPI Info
What is your Affiliation with WPI?

Include details such as which device(s), your location (on or off campus), how long the issue has been ocurring.