Configuring Raspberry Pi to work with WIRELESS-PITTNET

This method should work with any Linux version that uses the wpa_suplicant for wireless networking.

  1. Download the intermediate certs from Pitt Software site.
  2. Extract USERTrustRSA.cer from the zip file.

    $ unzip certs-fy16.zip

  3. Convert the .cer to .pem format with openssl

    $ openssl x509 -inform cer -in USERTrustRSA.cer –outform pem -out USERTrustRSA.pem

  4. Create a directory to put the .pem version of the certificate in

    $ sudo mkdir /boot/wifi-ca

  5. Copy the .pem file to the directory created in the step above.

    $ sudo cp USERTrustRSA.pem /boot/wifi-ca/

  6. Append the following to the file /etc/wpa_supplicant/wpa_supplicant.conf substituting the appropriate information for the SSID (WIRELESS-PITTNET|WIRELESS-PITTNET-FAST|eduroam), identity, and password:

    network={
    ssid=”eduroam”
    key_mgmt=WPA-EAP
    eap=PEAP
    identity=”username@pitt.edu”
    password=”password”
    phase1=”peaplabel=0″
    phase2=”auth=MSCHAPV2″
    ca_cert=”/boot/wifi-ca/USERTrustRSA.pem”
    }

  7. If the wpa_supplicant is running, it should detect the change within a few minutes and try to associate with the new SSID configured. Restarting the process or reboot the entire system will also force a refresh.

There is no way that I know of that would allow you to use a password hash rather than the clear text password in the wpa_supplicant.conf file.  Not optimal, but it works until a better solution presents itself.

 

 

Advertisements