Raspberry PI Projects >> Projects >> Wifi / WLan Projects >> Connecting a Raspberry Pi to UVA’s Eduroam WiFi

Connecting a Raspberry Pi to UVA’s Eduroam WiFi

Wednesday August 2, 2023 / Muhammad Bilal
Categories: Wifi / WLan Projects
Tags: network, terminal, wifi
Contents hide
1 Preparing the Pi
2 RaspbianOS setup
3 Quick connect the Pi to the Internets
4 Register your Pi
5 Install NetworkManager
6 Disable dhcpcd
7 Edit NetworkManager.conf
8 Generate a personal certificate
9 Run the eduroam set up tool
10 Edit the wpa_supplicant file
11 Run NetworkManager tool
12 Final step

This guide compiles various online instructions required to establish a connection between the latest version of RaspbianOS and UVA's eduroam WiFi network.

The following four sets of instructions need to be followed:

  1. My previous instructions, which are now obsolete.
  2. Prof. Luther A. Tychonievich's instructions for configuring Linux on eduroam.
  3. A guide from Reddit on configuring Linux on eduroam.
  4. A tutorial on installing NetworkManager.

Preparing the Pi

Before getting the Pi operational on eduroam, there are a few preliminary tasks to complete. The most crucial one is switching the default network management software, which, fortunately, simplifies network administration significantly. However, it's essential to note that you need an existing network connection on your Raspberry Pi to install the software.

Although this requirement might seem challenging, it can be overcome, and if your objective is solely to establish a swift network connection, this step might be all you need to accomplish.

RaspbianOS setup

If you have just performed a fresh installation of RaspbianOS, it is crucial to go through the Welcome to Raspberry Pi setup instructions. One essential step is setting up a password. However, at this point, you can skip the Network setup and OS upgrading steps for the time being.

Quick connect the Pi to the Internets

Here are a few alternatives to temporarily connect the Pi to the internet, which might be all that you require:

  1. Ethernet: If possible, connect the Pi directly to an Ethernet port to initiate the installation process.
  2. Hotspot: The simplest method is to turn your phone into a hotspot while it is connected to eduroam or another network. Your phone's settings should have an option for this.
  3. Visit a location with Ethernet or easily accessible WiFi, such as a coffee shop, fast food restaurant, or public library, where you can connect to their network.

Register your Pi

To register your Pi with UVA's approved devices, adhere to the instructions provided in my initial post. This step can be completed using any computer or phone that has an internet connection.

To obtain the Pi's MAC address, enter the following command in the terminal:

ip address

Access the ITS Registration page by following this link: https://netreg.itc.virginia.edu/cgi-bin/mac_registration.cgi?alien=1

Once you have logged in with NetBadge, the steps are straightforward:

  • Physical/Hardware Address: Enter the MAC address (Alternatively, you can register the Ethernet MAC as well).
  • This is a wireless device: Select “Yes.”
  • Asset Tag (optional): You can leave this field blank.
  • Serial Number (optional): You can leave this field blank.
  • Identifying Notes: You can leave this field blank.

After completing the necessary information, click the submit button, and your registration will be successfully processed.

Install NetworkManager

Now, we return to the Raspberry Pi for the next step, requiring an internet connection (hotspot, Ethernet, etc.).

To simplify the process, let's install NetworkManager, which offers a user-friendly graphical interface for network management.

To proceed with this step, follow the instructions provided by JJSanderson for installing NetworkManager.

  1. Open a Terminal on your Raspberry Pi.
  2. Enter the following commands one at a time, pressing the Enter key after each command:

Wait for that process to finish, then type

sudo apt install network-manager network-manager-gnome

During the installation process, you will be prompted to confirm the installation of multiple packages. Simply type ‘y' and press Enter to proceed.

Disable dhcpcd

Now, let's proceed with disabling the dhcpcd program from managing the wireless network card (wlan0).

Open the terminal and access the /etc/dhcpcd.conf file by executing the following command:

Alternatively, if you prefer, you can open the file using the nano or vim text editors (vim may require installation) or any other text editor available on your Raspberry Pi. Geany and nano are pre-installed by default.

To add the necessary line to the bottom of the file, enter the following:

denyinterfaces wlan0

Save the changes and close the file.

Edit NetworkManager.conf

Execute the command below in the terminal to open the “/etc/NetworkManager/NetworkManager.conf” file using the Geany text editor:

sudo geany /etc/NetworkManager/NetworkManager.conf

Within the file, add the line “dhcp=internal” and change the value of “managed” to “true”. Finally, save the modifications and close the file.

The resulting configuration should resemble the following:

[main]
plugins=ifupdown,keyfile
dhcp=internal

[ifupdown]
managed=true

From now on, you can utilize NetworkManager to handle WiFi connections and perform various internet-related tasks. It provides a convenient interface for managing these functionalities on your system.

Generate a personal certificate

Moving on, let's proceed with step 2 of Prof. Tychonievich's tutorial.

For this step, remain on the Raspberry Pi and ensure it is disconnected from any Ethernet or other WiFi networks.

If you are currently on the University of Virginia (UVA) campus, connect to the “UVA WiFi Setup” network. However, if you are off-campus, kindly refer to the instructions provided on Prof. Tychonievich's website for further guidance.

Subsequently, open a web browser on the Raspberry Pi and navigate to the following website: https://cloud.securew2.com/public/82116/limited/.

Proceed by carefully following the instructions provided on the website to generate and download a personal certificate.

Lastly, click the designated button to proceed with the process.

Click the Sign In button

Sign in with computing ID and password

Enter a User Description for identification purposes, such as “(Your Name) Raspberry Pi”. You can omit filling in the MAC Address field. Simply click the “Create” button to proceed without entering any MAC Address information.

Enter a passphrase. You’ll need to remember this! Then hit the Submit button

Click the P12 link to download the certificate to your Downloads directory.

 

It is important to maintain the confidentiality of the certificate. Follow the recommendation to store the certificate in a hidden directory and adjust the permissions to restrict access to only your user.

To accomplish this, execute the following command in the terminal. This will create a hidden folder in your home directory:

mkdir ~/.certificates
chmod 700 ~/.certificates

Move the certificate you downloaded from the Downloads folder to the .certificates folder.

Run the eduroam set up tool

To proceed with this step, reconnect the Raspberry Pi to the hotspot or any alternative method of connecting to the internet.

Now, follow the instructions outlined in the provided Reddit guide to install the necessary files for eduroam. This particular tool has been developed by Eduroam and is specifically designed for connecting to UVA's eduroam network on the main campus in Charlottesville.

Download the eduroam installer by visiting the following website in a browser on your Raspberry Pi: https://cat.eduroam.org/

Click the designated button on the website to initiate the download of the eduroam installer.

Select the option of “University of Virginia-Main Campus”.

Click the link to “Choose another installer to download”.

On this next screen, click the Linux button.

The browser will prompt you to Keep or Discard the file. Click Keep.

Take note of the location where you have downloaded the file. By default, it is saved in the “Downloads” folder within your home directory.

Now, move the downloaded file to your home directory. You can accomplish this either by using the file explorer graphical user interface (GUI) or the terminal.

To navigate to your home directory using the terminal, type “cd” in the terminal.

If you are already in your home directory within the terminal, execute the following command:

mv Downloads/eduroam-linux-UoVC.py ~/

This command moves the “eduroam-linux-UoVC.py” file from the “Downloads” folder to your home directory.

Now, in the terminal, you can run the script

python eduroam-linux-UoVC.py

Accept all of the prompts.

To proceed, ensure that the file manager is set to display hidden files. Right-click anywhere on the screen and select the option “Show Hidden Files” from the menu. This will enable the visibility of hidden files and directories.

Next, navigate to the location where you saved the downloaded certificate. Move the certificate file to the “.certificates” folder by placing it within that directory.

Enter your passphrase you used to create the certificate.

Following this process, a ‘.cat_installer' folder will be generated, containing two files: ‘ca.pem' and ‘user.p12'.

In the subsequent step, we will utilize the ‘ca.pem' file, while the ‘user.p12' file remains unused.

Edit the wpa_supplicant file

Now, let's proceed with editing the ‘wpa_supplicant' file.

Open the file by executing the following command in the terminal:

Once the file is open, add the following content to the bottom of the file.

network={
  ssid="eduroam"
  key_mgmt=WPA-EAP
  pairwise=CCMP
  group=CCMP TKIP
  eap=TLS
  cat_cert="/home/pi/.cat_installer/ca.pem"
  identity="[email protected]"
  altsubject_match="DNS:wireless.itc.virginia.edu"
  if Config.eap_outer == 'PEAP' or Config.eap_outer == 'TTLS':
    phase2="auth="
    password="Your passphrase here"
    if Config.anonymous_identity != '':
      anonymous_identity=""
  if Config.eap_outer == 'TLS':
    private_key_passwd="Your passphrase here"
    private_key="/home/pi/.cat_installer/user.p12"
}


After editing this file, reboot the Pi.

Run NetworkManager tool

Now, let's return to the tutorial by Prof. Tychonievich.

After rebooting the Pi, a window will appear regarding authentication to the eduroam network. Simply click the “Cancel” button to proceed.

Hover the mouse cursor over the NetworkManager icon and perform a right-click (alternate mouse button click). From the context menu that appears, select the option “Edit Connections.

Enter the information as listed in Step 1 on his tutorial.

  • Security: WPA & WPA2 Enterprise
  • Authentication: TLS
  • Identity: [email protected] (your email all lower-case)
  • Domain: leave this blank
  • CA certificate: ca.pem
  • CA Certificate Password: disabled
  • User certificate: Click the down arrow and browse to the file in the .certificates folder.
  • User certificate password: disabled
  • User private key: same as User certificate
  • User key password: The password you set when you downloaded your personal digital certificate.

Final step

Connect to the eduroam network, and enjoy!


About The Author

Muhammad Bilal

I am highly skilled and motivated individual with a Master's degree in Computer Science. I have extensive experience in technical writing and a deep understanding of SEO practices.

Scroll to Top