Overview
Raspberry Pi computers can be difficult to connect to the TAMU_WiFi network due to limitations of the default network configuration manager included in the Raspbian desktop. Out of the box, the desktop is not able to connect to WPA2 Enterprise wireless networks. However, this limitation is within the desktop and not the hardware or underlying operating system.
There are two methods to enable a Raspberry Pi to connect to the TAMU_WiFi network: By using the NetworkManager application, or by editing the wireless network configuration files within the operating system itself.
Before you begin
Before performing these instructions, make sure your Raspberry Pi device is fully up to date by issuing the commands
sudo apt update
sudo apt full-upgrade
Connecting using NetworkManager
NetworkManager is used by many Linux distributions to control network connections. It is not included in the Raspbian operating system used by many Raspberry Pi by default and needs to be installed before it can be used to connect your Raspberry Pi to the TAMU_WifI wireless network.
- Connect to the internet using an available network connection such as a mobile hotspot, your home network, etc.
- Open a terminal (command line) window.
- Install NetworkManager by running the command
sudo apt install network-manager network-manager-gnome
- Disable dhcpcd by running the command
sudo systemctl disable –now dhcpcd
You need to disable dhcpcd due to the way it conflicts with NetworkManager and can prevent it from accessing your network interfaces.
- Enable NetworkManager by running the command
sudo systemctl enable –now network-manager
- Reboot the Raspberry Pi with the command
sudo reboot
Once you have rebooted your computer, you will see a new Wireless connection icon. Selecting this new icon will display WPA2 Enterprise wireless networks including TAMU_WiFi. You can select TAMU_WiFi and connect using your NetID and password.
Connecting via wpa_supplicant.conf
There are three general steps to setting up a WPA2 Enterprise connection via wpa_supplicant.conf on a Raspberry Pi.
- Define the interface.
- Hash your password.
- Configure the network.
Defining the Interface
- Create a new interface file using the command:
sudo nano /etc/network/interfaces.d/wpa2enterprise
This will use the nano text editor to create and open new file named wpa2enterprise in the directory /etc/network/interfaces.d.
- Enter the following text in the new file:
auto wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
pre-up wpa_supplicant -B -Dwext -i wlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf
post-down killall -q wpa_supplicant
- Enter
Ctrl+O followed by Ctrl+X to save and then close the file.
Hash Your Password
Because TAMU_WiFi used the NetID and NetID password to authenticate, you will need to enter your NetID password in the network configuration file. To prevent your password from being stored in plain, unencrypted text, we will create a hashed version of the password to use in the configuration file.
- Create a text file with a hashed version of your password using the following command:
echo -n 'your NetID password' | iconv -t utf16le | openssl md4 > hash.txt
This will convert your password into UTF16le format, create an md4 hashed version of the password using OpenSSL, and write that hashed value to the text file hash.txt.
- Open the file hash.txt with the command
less hash.txt
- Copy the hashed password value from the hash.txt file. You will use this string in the network configuration. The highlighted portion of this example is the hashed password value:
(stdin)= ebcbe2847562dedaba21103ca89
Clear Your Command History
Because you entered your NetID password in a command, it is STRONGLY ADVISED that you delete your command history, or at least the portions of it with your password, to prevent your password being stored in plain text.
- Close all terminal windows except the one you will use to clear your command history.
- Open the file .bash_history with the following command:
nano .bash_history
- Enter
Alt+Shift+T to cut all text from your cursor's current position to the end of the file. Alternately, scroll down to the specific line containing your password and enter Ctrl-K to cut that line. To minimize the chance of missing a line containing your password in the event you had to enter the hashing command multiple time, we advise you to put your cursor at the beginning of the file and use Alt-Shift-T to cut all text from your history.
- Enter
Ctrl-O and then Ctrl-X to save and exit the .bash_history file.
- Close the terminal window. When you open a new terminal window, you will have no commands in your history, and pressing the up arrow will not display any previous commands.
Configure the Network
- Open the wpa_supplicant.conf file with the following command:
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
- Enter the following configuration at the bottom of the file. In the identity line, make sure to enter your NetID in all lower case letters. In the password line, make sure to use the hashed password value generated in the previous section.
network={
ssid="TAMU_WiFi"
proto=RSN
key_mgmt=WPA-EAP
auth_alg=OPEN
eap=PEAP
identity="Your_NetID"
password=hash:Your_Password_Hash
phase1="peaplabel=0"
phase2="MSCHAPV2"
priority=1
}
- Enter
Ctrl-O and then Ctrl-X to save and exist the wpa_supplicant.conf configuration file.
- Delete the hash.txt file with the following command:
rm hash.txt
This will ensure that your hashed password is only present in the wpa_supplicant.conf file and is not needlessly stored in your home directory.
Connecting to TAMU_WiFi
Your Raspberry Pi computer should now automatically connect to the TAMU_WiFi wireless network upon boot. Other networks will remain selectable in the desktop interface, but if you connect to one of them with your Raspberry Pi, such as TAMU_Visitor or TAMU_IoT, you will not be able to reconnect to TAMU_WiFi until you reboot your computer.