wpa_supplicant.conf revision 1.2 
11.2Shubertf# $NetBSD: wpa_supplicant.conf,v 1.2 2015/11/26 16:03:18 hubertf Exp $
21.2Shubertf#
31.1Sspz# example wpa_supplicant config
41.1Sspz#
51.1Sspz# please refer to the wpa_supplicant.conf man page
61.1Sspz
71.1Sspz# wpa_cli and dhcpcd won't work well if you have no ctrl_interface set
81.1Sspz# the value must be a directory, the sockets will be named after the interfaces
91.1Sspzctrl_interface=/var/run/wpa_supplicant/
101.1Sspz
111.1Sspz# if non-root should be allowed to send wpa_supplicant commands via wpa_cli
121.1Sspz# name a group whose members will be Allowed(tm)
131.1Sspzctrl_interface_group=wheel
141.1Sspz
151.1Sspz# WEP .. all the stopping power of a "please keep off the lawn" sign
161.1Sspz# least common denominator "security" so it's formally not open
171.1Sspznetwork={
181.1Sspz	ssid="TheLawn"
191.1Sspz	key_mgmt=NONE
201.1Sspz	wep_tx_keyidx=0
211.1Sspz	#wep_key0="pleasekeepoff"
221.1Sspz	wep_key0=706c656173656b6565706f6666
231.1Sspz	priority=2
241.1Sspz}
251.1Sspz
261.1Sspz# simple WPA-PSK, a favourite with conferences and hotel networks
271.1Sspznetwork={
281.1Sspz	ssid="SomeConference"
291.1Sspz	key_mgmt=WPA-PSK
301.1Sspz	psk="secretKey"
311.1Sspz}
321.1Sspz
331.1Sspz# using eduroam for more examples:
341.1Sspz
351.1Sspz## eduroam with PEAP/MSCHAPv2
361.1Sspz#network={
371.1Sspz#	ssid="eduroam"
381.1Sspz#	scan_ssid=1
391.1Sspz#
401.1Sspz#	# The 'identity' is the username used for authentication.
411.1Sspz#	identity="user1234@your.university.domain"
421.1Sspz#
431.1Sspz#	# add yours
441.1Sspz#	password="myPassword"
451.1Sspz#
461.1Sspz#	# download a fitting CA cert and put the path to it here
471.1Sspz#	ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem"
481.1Sspz#
491.1Sspz#	# where the authentication requests should be routed to
501.1Sspz#	anonymous_identity="anonymous@your.university.domain"
511.1Sspz#
521.1Sspz#	key_mgmt=WPA-EAP
531.1Sspz#	auth_alg=OPEN
541.1Sspz#	eap=PEAP
551.1Sspz#	phase2="auth=MSCHAPv2"
561.1Sspz#
571.1Sspz#	priority=5
581.1Sspz#}
591.1Sspz#
601.1Sspz## eduroam with EAP-TLS
611.1Sspz#network={
621.1Sspz#	ssid="eduroam"
631.1Sspz#	scan_ssid=1
641.1Sspz#
651.1Sspz#	# The 'identity' is the username used for authentication.
661.1Sspz#	identity="user1234@your.university.domain"
671.1Sspz#
681.1Sspz#	client_cert="/home/you/eduroam/user.cert"
691.1Sspz#	private_key="/home/you/eduroam/user.key"
701.1Sspz#	private_key_passwd="s3kr3t"
711.1Sspz#
721.1Sspz#	# download a fitting CA cert and put the path to it here
731.1Sspz#	ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem"
741.1Sspz#
751.1Sspz#	# where the authentication requests should be routed to
761.1Sspz#	anonymous_identity="anonymous@your.university.domain"
771.1Sspz#
781.1Sspz#	key_mgmt=WPA-EAP
791.1Sspz#	auth_alg=OPEN
801.1Sspz#	eap=TLS
811.1Sspz#
821.1Sspz#	priority=4
831.1Sspz#}
841.1Sspz#
851.1Sspz## eduroam with TTLS+PAP
861.1Sspz#network={
871.1Sspz#	ssid="eduroam"
881.1Sspz#	scan_ssid=1
891.1Sspz#
901.1Sspz#	# The 'identity' is the username used for authentication.
911.1Sspz#	identity="user1234@your.university.domain"
921.1Sspz#
931.1Sspz#	# add yours
941.1Sspz#	password="myPassword"
951.1Sspz#
961.1Sspz#	# download a fitting CA cert and put the path to it here
971.1Sspz#	ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem"
981.1Sspz#
991.1Sspz#	# where the authentication requests should be routed to
1001.1Sspz#	anonymous_identity="anonymous@your.university.domain"
1011.1Sspz#
1021.1Sspz#	key_mgmt=WPA-EAP
1031.1Sspz#	auth_alg=OPEN
1041.1Sspz#	eap=TTLS
1051.1Sspz#	phase2="auth=PAP"
1061.1Sspz#
1071.1Sspz#	priority=3
1081.1Sspz#}
1091.1Sspz#
110