EDV:EDUROAM: Difference between revisions

From KIP Wiki
⧼kip-jumptonavigation⧽⧼kip-jumptosearch⧽
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
A manual for different operating systems is available from the URZ:
Generelle Anleitungen für verschiedene Systeme und Plattformen finden Sie auf der eduroam Seite des URZ.


[http://www.urz.uni-heidelberg.de/zugang/eduroam/ URZ Eduroam ]
[https://www.urz.uni-heidelberg.de/de/eduroam URZ Eduroam (deutsch)], [https://www.urz.uni-heidelberg.de/en/eduroam URZ Eduroam (english)]


== Problems while updating eduroam certificates ==
Wichtige Infos findet man auch hier: (nur mit Login erreichbar)


=== Windows ===
https://portal.kip.uni-heidelberg.de/x2go


If no longer a connection to eduroam can be established you have to update the certificates by installing eduroam again. You can get the installation tool on [https://cat.eduroam.org/# Configuration Assistant Tool (CAT)].
== Eduroam über wpa_supplicant (Linux) ==

If it's not able to open a connection after updating the certificates, you have to delete the installed ones. The possibility to do this in Windows is opening the certificate manager "certmgr.msc". There you have to search the certificate "T-TeleSec GlobalRoot Class 2" and remove all that are not valid till 2033. And then also search for certificates from "DFN-Verein Global Issuing CA" and remove all which are not valid till 2031.

=== Linux ===

For the installation on Linux you first download the installation script of the Universität Heidelberg from [https://cat.eduroam.org/# Configuration Assistant Tool (CAT)] (it's a python script called "eduroam-linux-Universitat_Heidelberg-Standard_ab_2019.py"). After that remove the old profile by opening the configuration form of eduroam on the "NetworkManager" and clicking "forget connection". Then run the script with python.

-> Information page of URZ: [https://www.urz.uni-heidelberg.de/de/eduroam-neu auf deutsch], [https://www.urz.uni-heidelberg.de/en/eduroam-neu in english]

== eduroam über wpa_supplicant (Linux) ==




Hierzu gibt es eine Konfigurationsdatei:
Hierzu gibt es eine Konfigurationsdatei:
<br>
[[File:Wpa_supplicant.conf.txt|wpa_supplicant.conf]]
<br><br>
Die Datei sollte dann so aussehen:

# path to UNIX socket control interface
ctrl_interface=/var/run/wpa_supplicant
#eapol_version=1
ap_scan=1
network={
ssid="eduroam"
key_mgmt=WPA-EAP
eap=TTLS
proto=WPA RSN
identity="uni-id@uni-heidelberg.de"
anonymous_identity="anonymous@uni-heidelberg.de"
ca_cert="/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem"
phase2="auth=PAP"
# Hier entweder das Klartext Passwort oder einen Hash davon (mkntpwd)
password="xxxx"
}

Abspeichern zum Beispiel unter dem Namen eduroam.conf.

Das ganze kann man dann Starten mit:

wpa_supplicant -B -i wlan0 /etc/wpa_supplicant/eduroam.conf

Falls der Daemon schon läuft dann mit folgendem Befehl beenden:


[File:wpa_supplicant.conf|wpa_supplicant.conf]
killall -15 wpa_supplicant

Revision as of 10:55, 7 June 2019

A manual for different operating systems is available from the URZ:

URZ Eduroam (deutsch), URZ Eduroam (english)

Problems while updating eduroam certificates

Windows

If no longer a connection to eduroam can be established you have to update the certificates by installing eduroam again. You can get the installation tool on Configuration Assistant Tool (CAT).

If it's not able to open a connection after updating the certificates, you have to delete the installed ones. The possibility to do this in Windows is opening the certificate manager "certmgr.msc". There you have to search the certificate "T-TeleSec GlobalRoot Class 2" and remove all that are not valid till 2033. And then also search for certificates from "DFN-Verein Global Issuing CA" and remove all which are not valid till 2031.

Linux

For the installation on Linux you first download the installation script of the Universität Heidelberg from Configuration Assistant Tool (CAT) (it's a python script called "eduroam-linux-Universitat_Heidelberg-Standard_ab_2019.py"). After that remove the old profile by opening the configuration form of eduroam on the "NetworkManager" and clicking "forget connection". Then run the script with python.

-> Information page of URZ: auf deutsch, in english

eduroam über wpa_supplicant (Linux)

Hierzu gibt es eine Konfigurationsdatei:
File:Wpa supplicant.conf.txt

Die Datei sollte dann so aussehen:

# path to UNIX socket control interface
ctrl_interface=/var/run/wpa_supplicant

#eapol_version=1

ap_scan=1

network={
   ssid="eduroam"
   key_mgmt=WPA-EAP
   eap=TTLS
   proto=WPA RSN
   identity="uni-id@uni-heidelberg.de"
   anonymous_identity="anonymous@uni-heidelberg.de"
   ca_cert="/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem"
   phase2="auth=PAP"
   # Hier entweder das Klartext Passwort oder einen Hash davon (mkntpwd)
   password="xxxx" 
}

Abspeichern zum Beispiel unter dem Namen eduroam.conf.

Das ganze kann man dann Starten mit:

wpa_supplicant -B -i wlan0 /etc/wpa_supplicant/eduroam.conf

Falls der Daemon schon läuft dann mit folgendem Befehl beenden:

killall -15 wpa_supplicant