11.5Snia# $NetBSD: wpa_supplicant.conf,v 1.5 2023/10/10 07:21:00 nia Exp $ 21.2Shubertf# 31.1Sspz# example wpa_supplicant config 41.1Sspz# 51.1Sspz# please refer to the wpa_supplicant.conf man page 61.1Sspz 71.1Sspz# wpa_cli and dhcpcd won't work well if you have no ctrl_interface set 81.1Sspz# the value must be a directory, the sockets will be named after the interfaces 91.1Sspzctrl_interface=/var/run/wpa_supplicant/ 101.1Sspz 111.1Sspz# if non-root should be allowed to send wpa_supplicant commands via wpa_cli 121.1Sspz# name a group whose members will be Allowed(tm) 131.1Sspzctrl_interface_group=wheel 141.1Sspz 151.5Snia# an unencrypted network 161.5Snianetwork={ 171.5Snia ssid="Freifunk" 181.5Snia key_mgmt=NONE 191.5Snia priority=10 201.5Snia} 211.5Snia 221.3Shubertf# simple WPA-PSK, a favourite with conferences and hotel networks 231.3Shubertfnetwork={ 241.3Shubertf ssid="SomeConference" 251.3Shubertf key_mgmt=WPA-PSK 261.3Shubertf psk="secretKey" 271.5Snia priority=20 281.3Shubertf} 291.3Shubertf 301.3Shubertf# a private WPA-PSK that doesn't broadcast its SSID 311.3Shubertfnetwork={ 321.3Shubertf ssid="HomeSweetHome" 331.3Shubertf key_mgmt=WPA-PSK 341.3Shubertf psk="secretKey" 351.3Shubertf scan_ssid=1 361.5Snia priority=30 371.3Shubertf} 381.3Shubertf 391.1Sspz# WEP .. all the stopping power of a "please keep off the lawn" sign 401.1Sspz# least common denominator "security" so it's formally not open 411.1Sspznetwork={ 421.1Sspz ssid="TheLawn" 431.1Sspz key_mgmt=NONE 441.1Sspz wep_tx_keyidx=0 451.1Sspz #wep_key0="pleasekeepoff" 461.1Sspz wep_key0=706c656173656b6565706f6666 471.1Sspz priority=2 481.1Sspz} 491.1Sspz 501.1Sspz# using eduroam for more examples: 511.1Sspz 521.1Sspz## eduroam with PEAP/MSCHAPv2 531.1Sspz#network={ 541.1Sspz# ssid="eduroam" 551.1Sspz# scan_ssid=1 561.1Sspz# 571.1Sspz# # The 'identity' is the username used for authentication. 581.1Sspz# identity="user1234@your.university.domain" 591.1Sspz# 601.1Sspz# # add yours 611.1Sspz# password="myPassword" 621.1Sspz# 631.1Sspz# # download a fitting CA cert and put the path to it here 641.1Sspz# ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem" 651.1Sspz# 661.1Sspz# # where the authentication requests should be routed to 671.1Sspz# anonymous_identity="anonymous@your.university.domain" 681.1Sspz# 691.1Sspz# key_mgmt=WPA-EAP 701.1Sspz# auth_alg=OPEN 711.1Sspz# eap=PEAP 721.4Sgutterid# phase2="auth=MSCHAPV2" 731.1Sspz# 741.1Sspz# priority=5 751.1Sspz#} 761.1Sspz# 771.1Sspz## eduroam with EAP-TLS 781.1Sspz#network={ 791.1Sspz# ssid="eduroam" 801.1Sspz# scan_ssid=1 811.1Sspz# 821.1Sspz# # The 'identity' is the username used for authentication. 831.1Sspz# identity="user1234@your.university.domain" 841.1Sspz# 851.1Sspz# client_cert="/home/you/eduroam/user.cert" 861.1Sspz# private_key="/home/you/eduroam/user.key" 871.1Sspz# private_key_passwd="s3kr3t" 881.1Sspz# 891.1Sspz# # download a fitting CA cert and put the path to it here 901.1Sspz# ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem" 911.1Sspz# 921.1Sspz# # where the authentication requests should be routed to 931.1Sspz# anonymous_identity="anonymous@your.university.domain" 941.1Sspz# 951.1Sspz# key_mgmt=WPA-EAP 961.1Sspz# auth_alg=OPEN 971.1Sspz# eap=TLS 981.1Sspz# 991.1Sspz# priority=4 1001.1Sspz#} 1011.1Sspz# 1021.1Sspz## eduroam with TTLS+PAP 1031.1Sspz#network={ 1041.1Sspz# ssid="eduroam" 1051.1Sspz# scan_ssid=1 1061.1Sspz# 1071.1Sspz# # The 'identity' is the username used for authentication. 1081.1Sspz# identity="user1234@your.university.domain" 1091.1Sspz# 1101.1Sspz# # add yours 1111.1Sspz# password="myPassword" 1121.1Sspz# 1131.1Sspz# # download a fitting CA cert and put the path to it here 1141.1Sspz# ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem" 1151.1Sspz# 1161.1Sspz# # where the authentication requests should be routed to 1171.1Sspz# anonymous_identity="anonymous@your.university.domain" 1181.1Sspz# 1191.1Sspz# key_mgmt=WPA-EAP 1201.1Sspz# auth_alg=OPEN 1211.1Sspz# eap=TTLS 1221.1Sspz# phase2="auth=PAP" 1231.1Sspz# 1241.1Sspz# priority=3 1251.1Sspz#} 1261.1Sspz# 127