...
- Remove CA certificate requirements for WPA2 connections
- This requires that you use Network Manager as a network connection manager (the default in Ubuntu, Debian, and most Linux systems), and that Network Manager is managing your Wi-Fi card. You can check on this by typing
nmcli device
and looking at the "STATE" column for your wireless device; if it says "unmanaged", then you must set up Network Manager to manage that device. - As root, edit the file
/etc/NetworkManager/system-connections/eduroam.nmconnection
(or something similar) using your favorite text editor (nano, vim, gedit, etc.). Remove the linesystem-ca-cert=true
. If that line is not present, you may add this field and set it to false by adding the linesystem-ca-cert=false
. - Taken from (and described) here https://askubuntu.com/a/295600
- This requires that you use Network Manager as a network connection manager (the default in Ubuntu, Debian, and most Linux systems), and that Network Manager is managing your Wi-Fi card. You can check on this by typing
- Enable deprecated security renegotiation protocols in
wpa_supplicant
. Basically, some eduroam setups may still be using SHA-1 cryptography, which is blocked by default on many newer systems (like Ubuntu 22.04). There are a couple of methods for unblocking this:- Edit your
wpa_supplicant
(the program that handles WPA/WPA2 networks) configuration. There are several steps, see https://askubuntu.com/a/1405397 for details. - Downgrade
wpasupplicant
andlibssl
packages (not recommended)- Basically requires downloading older versions of these two packages and installing them onto your system. More details can be found at http://galileo.phys.virginia.edu/compfac/faq/linux-eduroam.html under "Option 2: Manual Setup."
- Note that this is very unsafe and, in my opinion, more likely to end up with package conflicts in the long term. Your machine would almost certainly be vulnerable to a number of attacks, as
libssl
is a core library used in many other security programs in Linux (not just your network connections). Also, many other programs will require newer versions of these packages, which could block you from installing critical updates in the future. Preventing future updates makes all of this even worse.
- Edit your
For more information on the WPA2/CA Certificate problems, see:
...