connecting to 802.1X wlan with only wpa_supplicant

Nov 17, 2017

updated at: May 28, 2019

0 comments

Intro

A couple of days ago I reinstalled Arch Linux on my little laptop, however I had no option to connect to Ethernet. Also I had no open WiFi network nor WEP/WPA2 protected. Well technically I had a phone so I could connect to it's hotspot or could connect to the 802.1X network trough USB tethering, I'll explain how to connect to USB tethering briefly.

If you have an android phone and want a quick connection just connect your laptop and phone trough USB and enable USB tethering in the settings of your phone. Next add a network file to /etc/systemd/network/ for example: 50-wired.network. put in:

[Match]
Name=eth1 # the network interface which connects to your phone
[Network]
DHCP=ipv4 

The last stap is to start systemd-networkd.service and systemd-resolved.service and you should be good to go.

Connection to 802.1X

So the real thing now, I am at university and the only WiFi network I have is eduroam, it is PEAP protected so I can't just connect with wifi-menu. In the normal world you would use Connman or NetworkManager however I don't have this installed.

First let us scan the network:

Before we do that we need to make sure wpa_supplicant is running, make a file under /etc/wpa_supplicant/ for example: example.conf:

ctrl_interface=/run/wpa_supplicant # the socket
update_config=1

And run:

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/example.conf

If wpa_supplicant is started successfully we can open wpa_cli.

# wpa_cli

wpa_cli does not scan the network on my machine so I need to run iw wlan0 scan first.

Next run these commands in the interactive wpa_cli mode:

# scan
# scan_results

and you should see all the SSIDS.

Edit the file under /etc/wpa_supplicant/example.conf or make a new on and put in:

ctrl_interface=/run/wpa_supplicant # the socket
update_config=1

network={

    ssid="eduroam"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="example"
    password="example"
    phase2="autheap=MSCHAPV2"
    anonymous_identity="example" # just erase this if you don't need

}

launch it with:

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/example.conf -B # -B is run in background

Next we will ask for an IP-address:

# dhcpd

And we have internet!

1