Raspberry Pi + Wifi + wireless.artic.edu = ❤


#1

Hello all, so here is a quick set of notes about getting your Raspberry Pi onto the wireless.artic.edu wireless network. It is slightly tricky due to our network’s security features, etc.

  1. I used an Edimax USB wireless interface. I tried other wireless interfaces (even some that claimed to use the same realtek chipset) and they did not work. Other interfaces with compatible chipsets should work as well. Check the http://elinux.org/RPi_VerifiedPeripherals for ideas.

  2. Plugging the wireless interface into a powered USB hub did not work. The wireless interface had to be plugged directly into the PI. Everything else (keyboard, etc) was plugged into a powered usb hub. I’m assuming this was a power issue, but it could have been anything including interference, etc.

  3. It is currently impossible (from my research) to hash / encrypt inner authentication passwords when using a PAP inner authentication scheme (like we use here at SAIC/ARTIC). This means that your school password will be stored in PLAIN TEXT on the SD card of your Raspberry Pi. Thus, the security of your wireless password (and by extension your ARTIC password) can only be protected by:

  • Choosing a secure ROOT password on your PI (don’t use the default pi/raspberry user/pass !!!). The wpa_supplicant.conf file is limited to root access, but the default “pi” user is set up as a a passwordless sudoer by default, so sudo vi or sudo nano … gets you in if you have the pi password. Bottom line, you must change the default password on your Raspberry Pi! You can do it with the passwd command on your Raspberry Pi.
  • Securing your physical SD Card / PI for installations. If someone swipes your SD card, the filesystem (and thus the user/password) is easily accessible. If this happens (or even if you momentarily misplace an SD CARD), change your SAIC user / pass immediately.

OK. With all of that in mind. It’s actually quite easy. Below is the contents of your
/etc/wpa_supplicant/wpa_supplicant.conf file. YOUR_USERNAME should be the first part of your email address (e.g. for me it is cbaker2 NOT cbaker2@saic.edu). Your SECRET_PASSWORD is your SAIC password in plain text.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
	ssid="wireless.artic.edu"
	proto=RSN
	key_mgmt=WPA-EAP
	pairwise=CCMP
	auth_alg=OPEN
	eap=TTLS
	identity="YOUR_USERNAME"
	password="SECRET_PASSWORD"
	phase2="auth=PAP"
}

#2

I created the wpa_supplicant.conf file in the /etc/wpa_supplicant/ directory with the content you posted. Is there anything else I need to do other than a reboot for it to work (mine doesn’t)? or do I need to change something else?

how should my /etc/network/interfaces look like? The tutorial to set up general Wifi mentions it. Mine looks like this:

auto lo

iface lo inet loopback
iface eth0 inet dhcp

allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp

#3

You’re within range of the SAIC network I presume?

A reboot should do it …

Or perhaps

sudo ifdown wlan0

then

sudo ifup wlan0

to manually bring the interface up and down …


#4

when I do sudo ifdown wlan0 I get
ifdown: interface wlan0 not configured.

When I do ifconfig wlan0 I get this:

wlan0     Link encap:Ethernet  HWaddr 00:13:ef:d0:26:10  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

I think the problem is that the RPi prefers ethernet over wifi, and I have ethernet connected to boot from my mac. After following this the boot takes significantly longer and the wifi-dongle is now blinking quite actively, but I still have the same return from above upon ifconfig wlan0. It’s still mentioning ethernet. hmm…


#5

Sending some :heart: from SAIC in 2017. Updating the wpa_supplicant.conf file with

network={
ssid=“wireless.artic.edu”
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP
auth_alg=OPEN
eap=TTLS
identity=“YOUR_USERNAME”
password=“SECRET_PASSWORD”
phase2=“auth=PAP”
}

on a Raspberry Pi 3 connected me to wireless.artic.edu. Cheers.