Email
Main Content

Linux (command line)

Creating the configuration file

Caution! Saving login data always poses a certain security risk.
For computers that are used in public places or can be administered remotely, this should be avoided.

For a successful connection to the WiFi, wpa_supplicant requires a configuration file that contains the authentication details required by the University of Marburg. The configuration file can be created and edited using an editor for the console (e.g. nano or vi). LAN access in the Linux command line works in a similar way.

  1. Create and edit the configuration file with nano:

    user@linux:~$ sudo nano /etc/wpa_supplicant/wpa_supplicant_umrnet_wlan.conf

  2. The configuration file should contain the following lines:

    # wpa_supplicant_umrnet_wlan.conf
    #
    # wpa_supplicant configuration file for IEEE 802.1X authentication
    # in university marburg wireless network
    #

    ctrl_interface=/var/run/wpa_supplicant_umrnet_wlan
    ctrl_interface_group=0

    # IEEE 802.1X (wireless) works with EAPOL version 1; EAPOL Version 2 is not supported by many older wireless drivers in Linux.
    eapol_version=1

    # important for wireless network
    ap_scan=1

    cred={
    realm="radius.students.uni-marburg.de"
    username="Username@students.uni-marburg.de"
    password="Your Password"
    ca_cert="/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem"
    domain="radius.students.uni-marburg.de"
    }

    # university network connection configuration
    network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    eap=TTLS
    phase1=""
    phase2="auth=PAP"
    ca_cert="/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.pem"
    anonymous_identity="eduroam@students.uni-marburg.de"
    identity="Username@students.uni-marburg.de"
    password="Your Password"
    }

  3. In the configuration file, replace the information on the name of the WiFi network (here: ssid), username (here: identity) and password (here: password) with your desired WiFi network of the university (e.g. eduroam or UMRnet_staff), your full username (e.g. Username@students.uni-marburg.de or username@staff.uni-marburg.de) and your corresponding personal password. Please be sure to enter eduroam@students.uni-marburg.de or eduroam@staff.uni-marburg.de as anonymous_identity.

    Please note: The eduroam username is not an e-mail address, despite the similarity. Aliases such as firstname.lastname@staff.uni-marburg.de will not work!

  4. Save the configuration file, e.g. in nano:
  5. Press the key combination "Ctrl + x", answer with "y" and confirm with the "Return" or "Enter" keys.
  6. To protect the configuration file from unauthorized access, it must be writable and readable only by the root user:

    user@linux:~$ sudo chmod 0600 /etc/wpa_supplicant/wpa_supplicant_umrnet_wlan.conf

Establishing the connection to the WiFi

Testing the connection

  1. Activate the WiFi function of your device.
  2. Then start wpa_supplicant in the command line with the previously created configuration file:

    user@linux:~$ sudo wpa_supplicant -dd -D wext -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant_umrnet_wlan.conf

It may be necessary to modify the above command as follows.

The WiFi adapter wlan0 used in the example may need to be adapted to the WiFi adapter of your system, e.g. sometimes eth1, very rarely eth0, depending on how the WiFi adapter is embedded in the computer.

  • You can get an overview of the network adapters available in your system and their possible WiFi capability in the command line with the following command:

    user@linux:~$ iwconfig

The standard wireless driver wext used in the example fits most wireless adapters, but must be adapted to the appropriate driver (if available) in the event of incompatibility, see: https://wiki.archlinux.org/index.php/WPA_supplicant

After starting wpa_supplicant, wpa_supplicant outputs whether the authentication is successful or not. If the authentication is not successful, this may be due to missing or incorrect username and password details in the configuration file.

The test can be canceled with the key combination "Ctrl + c".

Manual connection

  1. Activate the WiFi function of your device.
  2. For regular connection to the university network, wpa_supplicant and dhclient should be run together. While wpa_supplicant takes care of authentication, dhclient is responsible for automatically obtaining the IP address:

    user@linux:~$ sudo wpa_supplicant -B -D wext -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant_umrnet_wlan.conf && sudo dhclient wlan0

Automatic connection at system startup

If the WiFi connection is to be established automatically when the computer is started, the network adapter used must be set to use wpa_supplicant.

  • Edit the network adapter configuration, e.g. via nano:

    user@linux:~$ sudo nano /etc/network/interfaces

  • The configuration file should contain the following lines:

    # /etc/network/interfaces
    auto lo
    iface lo inet loopback
    # network device with wpa_supplicant wireless
    auto wlan0
    iface wlan0 inet dhcp
    wpa-driver wext
    wpa-conf /etc/wpa_supplicant/wpa_supplicant_umrnet_wlan.conf

As mentioned above, you may need to adjust the settings wlan0 for the WLAN adapter and wext for the WiFi driver to the conditions of your system.

After a restart, the computer should automatically connect to the WiFi in future.
Further information on automatically establishing a connection and troubleshooting can be found at
- https://wiki.ubuntuusers.de/WLAN/wpa_supplicant/#wpa-supplicant-aktivieren
- https://help.ubuntu.com/community/WifiDocs/WiFiHowTo

If the connection does not work, please contact the helpdesk team:
e-mail:
phone: +49 6421 28-28282
Please include your username (uid) and, if possible, the WiFi-MAC-address of the device with your inquiry.
All contact points for help and advice can be found at:
https://www.uni-marburg.de/en/hrz/help-and-advice/contact-points

  • Data privacy

    Never hand out your password and/or personal data to employees of the helpdesk team or the HRZ! 

    Please make sure that your personal login data (username and password of the Uni-Account) are not stored on the servers of your service provider. Otherwise there are serious security risks! Please follow the corresponding instructions in the manual. 

    Please note that the use of applications and services on mobile devices always poses a risk to your personal data. Further information on data protection on mobile devices can be found on the website of the Hessian Data Protection Commissioner. 

As of: 2024-03