From Gentoo Wiki
Jump to:navigation Jump to:search
This article is a stub. Please help out by expanding it - how to get started.
Article status
This article needs wikification.

eduroam (education roaming) is an international Wi-Fi internet access roaming service for users in research, higher education and further education. [1] Eduroam is based on 802.1x. This article will describe how to configure Gentoo to connect to eduroam.



The eduroam Configuration Assistant Tool (CAT) has been developed to help organizations offering their users eduroam access.  The tool builds customized installers for a range of popular PC and smartphone platforms and enhances the security for the end user. [2]

The installer can be downloaded at

NetworkManager (nmcli)

The connection can also be added manually into NetworkManager using nmcli.

nmcli connection add type wifi con-name $CONNAME        \
        connection.permissions $LOGNAME                 \
        802-11-wireless.ssid $CONNAME                   \
        802-11-wireless-security.key-mgmt wpa-eap       \ ccmp,tkip        \
        802-11-wireless-security.pairwise ccmp          \
        802-11-wireless-security.proto rsn              \
        802-1x.altsubject-matches      \
        802-1x.anonymous-identity     \
        802-1x.eap peap                                 \
        802-1x.identity $USERNAME                       \
        802-1x.password $PASSWORD                       \
        802-1x.phase2-auth mschapv2                     \
        ipv4.method auto                                \
        ipv6.addr-gen-mode stable-privacy               \
        ipv6.method auto

This script is tested at Tampere University, Finland. Configuration may differ at different institutions, especially parameters 802-1x.altsubject-matches and 802-1x.anonymous-identity seem like they are specific for Tampere University. is also a networking project like eduroam working in Finland. The upper script works also for, only the SSID is different. Please set variableCONNAME="".

Beware of the risks of storing passwords in configuration files or scripts, it can be a security issue. Follow standard best practices, do not use the same password for different accounts. Never store sensitive credentials in plain text files.

KDE Plasma settings

Below are screenshots from KDE Plasma desktop environment system settings program regarding eduroam wi-fi configuration.

External Links