wpa_supplicant.conf revision 1.3 
11.3Shubertf# $NetBSD: wpa_supplicant.conf,v 1.3 2015/11/26 16:07:40 hubertf Exp $
21.2Shubertf#
31.1Sspz# example wpa_supplicant config
41.1Sspz#
51.1Sspz# please refer to the wpa_supplicant.conf man page
61.1Sspz
71.1Sspz# wpa_cli and dhcpcd won't work well if you have no ctrl_interface set
81.1Sspz# the value must be a directory, the sockets will be named after the interfaces
91.1Sspzctrl_interface=/var/run/wpa_supplicant/
101.1Sspz
111.1Sspz# if non-root should be allowed to send wpa_supplicant commands via wpa_cli
121.1Sspz# name a group whose members will be Allowed(tm)
131.1Sspzctrl_interface_group=wheel
141.1Sspz
151.3Shubertf# simple WPA-PSK, a favourite with conferences and hotel networks
161.3Shubertfnetwork={
171.3Shubertf	ssid="SomeConference"
181.3Shubertf	key_mgmt=WPA-PSK
191.3Shubertf	psk="secretKey"
201.3Shubertf}
211.3Shubertf
221.3Shubertf# a private WPA-PSK that doesn't broadcast its SSID
231.3Shubertfnetwork={
241.3Shubertf	ssid="HomeSweetHome"
251.3Shubertf	key_mgmt=WPA-PSK
261.3Shubertf	psk="secretKey"
271.3Shubertf	scan_ssid=1
281.3Shubertf}
291.3Shubertf
301.1Sspz# WEP .. all the stopping power of a "please keep off the lawn" sign
311.1Sspz# least common denominator "security" so it's formally not open
321.1Sspznetwork={
331.1Sspz	ssid="TheLawn"
341.1Sspz	key_mgmt=NONE
351.1Sspz	wep_tx_keyidx=0
361.1Sspz	#wep_key0="pleasekeepoff"
371.1Sspz	wep_key0=706c656173656b6565706f6666
381.1Sspz	priority=2
391.1Sspz}
401.1Sspz
411.1Sspz# using eduroam for more examples:
421.1Sspz
431.1Sspz## eduroam with PEAP/MSCHAPv2
441.1Sspz#network={
451.1Sspz#	ssid="eduroam"
461.1Sspz#	scan_ssid=1
471.1Sspz#
481.1Sspz#	# The 'identity' is the username used for authentication.
491.1Sspz#	identity="user1234@your.university.domain"
501.1Sspz#
511.1Sspz#	# add yours
521.1Sspz#	password="myPassword"
531.1Sspz#
541.1Sspz#	# download a fitting CA cert and put the path to it here
551.1Sspz#	ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem"
561.1Sspz#
571.1Sspz#	# where the authentication requests should be routed to
581.1Sspz#	anonymous_identity="anonymous@your.university.domain"
591.1Sspz#
601.1Sspz#	key_mgmt=WPA-EAP
611.1Sspz#	auth_alg=OPEN
621.1Sspz#	eap=PEAP
631.1Sspz#	phase2="auth=MSCHAPv2"
641.1Sspz#
651.1Sspz#	priority=5
661.1Sspz#}
671.1Sspz#
681.1Sspz## eduroam with EAP-TLS
691.1Sspz#network={
701.1Sspz#	ssid="eduroam"
711.1Sspz#	scan_ssid=1
721.1Sspz#
731.1Sspz#	# The 'identity' is the username used for authentication.
741.1Sspz#	identity="user1234@your.university.domain"
751.1Sspz#
761.1Sspz#	client_cert="/home/you/eduroam/user.cert"
771.1Sspz#	private_key="/home/you/eduroam/user.key"
781.1Sspz#	private_key_passwd="s3kr3t"
791.1Sspz#
801.1Sspz#	# download a fitting CA cert and put the path to it here
811.1Sspz#	ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem"
821.1Sspz#
831.1Sspz#	# where the authentication requests should be routed to
841.1Sspz#	anonymous_identity="anonymous@your.university.domain"
851.1Sspz#
861.1Sspz#	key_mgmt=WPA-EAP
871.1Sspz#	auth_alg=OPEN
881.1Sspz#	eap=TLS
891.1Sspz#
901.1Sspz#	priority=4
911.1Sspz#}
921.1Sspz#
931.1Sspz## eduroam with TTLS+PAP
941.1Sspz#network={
951.1Sspz#	ssid="eduroam"
961.1Sspz#	scan_ssid=1
971.1Sspz#
981.1Sspz#	# The 'identity' is the username used for authentication.
991.1Sspz#	identity="user1234@your.university.domain"
1001.1Sspz#
1011.1Sspz#	# add yours
1021.1Sspz#	password="myPassword"
1031.1Sspz#
1041.1Sspz#	# download a fitting CA cert and put the path to it here
1051.1Sspz#	ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem"
1061.1Sspz#
1071.1Sspz#	# where the authentication requests should be routed to
1081.1Sspz#	anonymous_identity="anonymous@your.university.domain"
1091.1Sspz#
1101.1Sspz#	key_mgmt=WPA-EAP
1111.1Sspz#	auth_alg=OPEN
1121.1Sspz#	eap=TTLS
1131.1Sspz#	phase2="auth=PAP"
1141.1Sspz#
1151.1Sspz#	priority=3
1161.1Sspz#}
1171.1Sspz#
118