Email
Main Content

Linux (manually)

  • Entry requirements

    - You have the login credentials for your university account (Staff or Students).

    - Operating system: Linux should be up to date, i.e. all updates should be installed.

    - Drivers: You should ensure that the latest drivers for the WiFi adapter are installed. 
    Modern Linux distributions usually install the required WiFi drivers automatically, provided that freely available drivers exist for the WiFi adapter.

    - IP and DNS settings: You do not need to change the IP (Internet Protocol) and DNS (Domain Name System) settings for your WiFi connection, the default settings for all modern operating systems (automatic IP via DHCP, automatic DNS server) are suitable.

    - Supplicant for IEEE 802.1X registration: The wpa_supplicant program is already pre-installed in most Linux distributions. If it is missing, it can be installed via the software or package manager of the Linux distribution. Under RedHat, Fedora and SuSE the package is called wpa_supplicant, under Debian and Ubuntu it is called wpasupplicant. The EAP-TTLS-PAP or EAP-PEAP-MSCHAPv2 authentication methods used in UMRnet are supported by default.

    - Root certificate: The T-Telesec Global Root Class 2 certificate or the file "/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem" must be available. 
    Most modern distributions already include the certificate (see root certificate).

Note:
The settings described below for logging in with IEEE 802.1X refer to the GNOME Network Manager (pre-installed standard tool for network configuration under Ubuntu). If you use GNOME but under a distribution other than Ubuntu, you can also call the program separately as nm-applet.

1. Activate the WiFi function on your device.
2. Open the Network Manager applet and click on Network settings.
You should now see all available wireless networks.
3. Select eduroam from the list of wireless networks and click on Connect.
4. Enter the following settings in the Legitimization for wireless network dialog:
- Wi-Fi security: WPA3 Enterprise (if not available -> WPA & WPA2 Enterprise)
- Authentication: Tunneled TLS (also: Tunneled TLS or TTLS)
- Anonymous identity:
   - Students: eduroam@students.uni-marburg.de
   - Staff: eduroam@staff.uni-marburg.de
- Domain:
   - Students: radius.students.uni-marburg.de
   - Staff: radius.staff.uni-marburg.de
- CA certificate: T-TeleSec_GlobalRoot_Class_2
This should be stored under /etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem.
- Inner authentication: PAP
- Username: Your username
   - Students: Username@students.uni-marburg.de
   - Staff: Username@staff.uni-marburg.de
- Password: Your password

Please note: The eduroam username is not an e-mail address, despite the similarity. Aliases such as firstname.lastname@staff.uni-marburg.de do not work!

5. Click on Connect, you should then be connected to the Internet.

If the connection does not work, please contact the helpdesk team:
e-mail:
phone: +49 6421 28-28282
Please include your username (uid) and the WiFi-MAC-address of the device with your inquiry.
All contact points for help and advice can be found at:
https://www.uni-marburg.de/en/hrz/help-and-advice/contact-points

  • Data privacy

    Never hand out your password and/or personal data to employees of the helpdesk team or the HRZ! 

    Please make sure that your personal login data (username and password of the Uni-Account) are not stored on the servers of your service provider. Otherwise there are serious security risks! Please follow the corresponding instructions in the manual. 

    Please note that the use of applications and services on mobile devices always poses a risk to your personal data. Further information on data protection on mobile devices can be found on the website of the Hessian Data Protection Commissioner. 

As of: 2025-06