You are not logged in.

#1 2016-10-27 14:26:58

eichhorn
Member
Registered: 2016-10-27
Posts: 8

[Solved] Eduroam - connecting with netctl

I have somewhat simillar issue, so it would be nice if you can help me as well.

My eduroam works with both ConnMan and Networkmanager, but there were lots of bugs for me in the first one, while the second is losing connection somenimes and is generally more resource-heavy, so I decided to try netctl. It works great, but doesn't seem to work with my eduroam at all.

Here are my configs and errors:

Initial config, that I made from example and file provided for wicd on the page of my university (though it might be out of date)

Description='Freiburg University Network'
Interface=wlp4s0
Connection=wireless
Security=wpa-configsection
IP=dhcp
IP6=stateless
WPAConfigSection=(
    'ssid="eduroam"'
    'key_mgmt=WPA-EAP'
    'pairwise=CCMP TKIP'
    'group=CCMP TKIP'
    'eap=PEAP'
    'identity="login"'
    'password="password"'
    'ca_cert="/home/eichhorn/.config/wireless/g_rootcert.crt"'
    'phase2="auth=MSCHAPv2"'
}

Connection doesn't work and 'systemctl status' says

line 7: unexpected EOF while looking for matching '}'
starting network profile 'eduroam'
WPA association failed for interface 'wlp4s0'
Failed to bring the network up for profile 'eduroam'
netctl@eduroam.service: Main process exited, code=exited, status=1/FAILURE
Failed to start Networking for netctl profile eduroam.

So I decided, that if it didn't like line 7, I'll change it to the proper config-file.

Description='Freiburg University Network'
Interface=wlp4s0
Connection=wireless
Security=wpa-config
WPAConfigFile='/home/eichhorn/.config/wireless/eduroam.conf'
IP=dhcp

Where the config will be

  1 network={
  2     ssid="eduroam"
  3 #    proto="RSN"
  4     key_mgmt=WPA-EAP
  5     pairwise=CCMP TKIP
  6     group=CCMP TKIP
  7     eap=PEAP
  8     identity="login"
  9     password="password"
 10     ca_cert="/home/eichhorn/.config/wireless/g_rootcert.crt"
 11     phase2="auth=MSCHAPv2"
 12 }

I deleted the 'proto' line, since wpa_supplicant didn't like it.

But then another problem arises:

Failed to connect to non-global ctrl_ifname: wlp4s0 error: No such file or directory
Failed to connect to non-global ctrl_ifname: wlp4s0 error: No such file or directory
Failed to connect to non-global ctrl_ifname: wlp4s0 error: No such file or directory
WPA association failed for interface 'wlp4s0'
Failed to connect to non-global ctrl_ifname: wlp4s0 error: No such file or directory
ailed to bring the network up for profile 'eduroam'
netctl@eduroam.service: Main process exited, code=exited, status=1/FAILURE
Failed to start Networking for netctl profile eduroam

If I run 'sudo wpa_supplicant -B -i wlp4s0 -c /home/eichhorn/.config/wireless/eduroam.conf', wpa_supplicant starts with no problem.

Here's the config generated by NetworkManager:

[connection]
id=eduroam
uuid=ba932120-41c9-4bc4-ac21-b0e217588b95
type=wifi
permissions=user:eichhorn:;
secondaries=
timestamp=1477472654

[wifi]
mac-address=E4:A7:A0:01:B1:16
mac-address-blacklist=
mac-address-randomization=0
mode=infrastructure
seen-bssids=18:64:72:C8:F9:91;00:0B:86:86:54:51;00:0B:86:28:96:61;
ssid=eduroam

[wifi-security]
group=
key-mgmt=wpa-eap
pairwise=
proto=

[802-1x]
altsubject-matches=
eap=peap;
identity=login
password=password
phase2-altsubject-matches=
phase2-auth=mschapv2

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=auto

And here is WiCd config, that can be downloaded from the uni-wiki:

name = Eduroam Uni Freiburg
author = schneidm at informatik.uni-freiburg.de
version = 1
require identity *Username password *Password
optional ca_cert *Path_to_CA_Cert
protected password *Password
-----
ctrl_interface=/var/run/wpa_supplicant
network={
    ssid="$_ESSID"
    proto=RSN
    key_mgmt=WPA-EAP
    pairwise=CCMP TKIP
    group=CCMP TKIP
    eap=PEAP
    identity="$_IDENTITY"
    ca_cert="$_CA_CERT"
    password="$_PASSWORD"
    phase2="auth=MSCHAPv2"
}

Here's the link to the page with settings for all kinds of devices: https://wiki.uni-freiburg.de/rz/doku.ph … an-eduroam

I will try adding parrword to the stage2 line, as was suggested earlier in the thread, but I will not be near the uni untill tomorrow and will greatly appreciate any help.

P.S. I think that the provided config might be out of date, since connman worked with PAP, instead of MSCHAPv2 in its configuration file.

SOLUTION was to capitalize "v" in "MSCHAPv2. Thanks to cmlr"

Last edited by eichhorn (2016-11-09 09:23:26)

Offline

#2 2016-10-27 15:40:02

WorMzy
Forum Moderator
From: Scotland
Registered: 2010-06-16
Posts: 11,787
Website

Re: [Solved] Eduroam - connecting with netctl

Please don't hijack another user's topic..

Mod note: splitting off from https://bbs.archlinux.org/viewtopic.php?id=202462

EDIT: Please also use code tags, not quote tags, for your config snippets.

https://wiki.archlinux.org/index.php/Co … s_and_code

Last edited by WorMzy (2016-10-27 15:42:26)


Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD

Making lemonade from lemons since 2015.

Online

#3 2016-10-27 15:50:22

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

Sorry, not used to the forum culture.

Offline

#4 2016-10-28 16:29:43

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

I have tried adding password to the stage2 as was suggested in the nearby thread, but it didn't help and I got errors again.

Maybe the problem is with my wpa_supplicant? Even though it starts correctly on its own, wpa_cli still can not connect to it.

When connecting with netctl:

  
   echhorn@chrysalis ~> netctl start eduroam
   ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
   Authentication is required to start 'netctl@eduroam.service'.
   Authenticating as: eichhorn
   Password:
   ==== AUTHENTICATION COMPLETE ===
   Job for netctl@eduroam.service failed because the control process exited with error code.
  See "systemctl status netctl@eduroam.service" and "journalctl -xe" for details.
  eichhorn@chrysalis ~> systemctl status netctl@eduroam.service
  ● netctl@eduroam.service - Networking for netctl profile eduroam
     Loaded: loaded (/usr/lib/systemd/system/netctl@.service; static; vendor preset: disabled)
     Active: failed (Result: exit-code) since Fri 2016-10-28 13:23:29 CEST; 11s ago
       Docs: man:netctl.profile(5)
    Process: 1019 ExecStart=/usr/lib/network/network start %I (code=exited, status=1/FAILURE)
   Main PID: 1019 (code=exited, status=1/FAILURE)
  
  Oct 28 13:23:13 chrysalis systemd[1]: Starting Networking for netctl profile eduroam...
  Oct 28 13:23:13 chrysalis network[1019]: /etc/netctl/eduroam: line 7: unexpected EOF while looking for matching `)'
  Oct 28 13:23:13 chrysalis network[1019]: Starting network profile 'eduroam'...
  Oct 28 13:23:29 chrysalis network[1019]: WPA association/authentication failed for interface 'wlp4s0'
  Oct 28 13:23:29 chrysalis network[1019]: Failed to bring the network up for profile 'eduroam'
  Oct 28 13:23:29 chrysalis systemd[1]: netctl@eduroam.service: Main process exited, code=exited, status=1/FAILURE
  Oct 28 13:23:29 chrysalis systemd[1]: Failed to start Networking for netctl profile eduroam.
  Oct 28 13:23:29 chrysalis systemd[1]: netctl@eduroam.service: Unit entered failed state.
  Oct 28 13:23:29 chrysalis systemd[1]: netctl@eduroam.service: Failed with result 'exit-code'.
 

 
When using wpa_supplicant directly:

  eichhorn@chrysalis ~> sudo wpa_supplicant -B -i wlp4s0 -c /home/eichhorn/.config/wireless/eduroam.conf
 [sudo] password for eichhorn:
 Successfully initialized wpa_supplicant

Wpa_cli:

eichhorn@chrysalis ~> wpa_cli -i wlp4s0 status
 Failed to connect to non-global ctrl_ifname: wlp4s0  error: No such file or directory
 eichhorn@chrysalis ~> wpa_cli
 wpa_cli v2.6
 Copyright (c) 2004-2016, Jouni Malinen <j@w1.fi> and contributors
 
 This software may be distributed under the terms of the BSD license.
 See README for more details.
 
 
 
 Interactive mode
 
Could not connect to wpa_supplicant: (nil) - re-trying

Dhcp:

eichhorn@chrysalis ~> sudo dhcpcd wlp4s0
wlp4s0: waiting for carrier
timed out
dhcpcd exited

Last edited by eichhorn (2016-10-28 16:31:01)

Offline

#5 2016-11-03 11:41:48

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

Ok, out of 4 connection managers only 2 work. I've tried connman, NetworkManager, Wicd and  netctl. Config for Wicd was taken directly from my University web page. I'm starting to think that there really is a problem with wpa_supplicant.

Here are configs for connman and NetworkManager that connect and  work (NM seems to be working better)

[global]
Name = eduroam
Description = 'Uni Freiburg eduroam'
[service_eduroam]
Type = wifi
IPv4 = dhcp
IPv6 = auto
Name = eduroam
Passphrase = password
Security = ieee8021x
EAP = peap
CACertFile = /home/eichhorn/.config/wireless/g_rootcert.crt
Identity = login@uni-freiburg.de
Phase2 = MSCHAPV2
[connection]
id=eduroam
uuid=ba932120-41c9-4bc4-ac21-b0e217588b95
type=wifi
permissions=user:eichhorn:;
secondaries=
timestamp=1478078130

[wifi]
mac-address=E4:A7:A0:01:B1:16
mac-address-blacklist=
mac-address-randomization=0
mode=infrastructure
seen-bssids=18:64:72:C8:FA:71;18:64:72:C8:F9:91;00:0B:86:2A:F5:71;18:64:72:67:BF:D0;00:0B:86:2A:FC:21;00:0B:86:28:96:61;00:0B:86:2A:F7:71;18:64:72:C8:F9:C1;18:64:72:C8:F1:51;00:0B:86:86:54:51;18:64:72:C8:F9:D1;
ssid=eduroam

[wifi-security]
group=
key-mgmt=wpa-eap
pairwise=
proto=

[802-1x]
altsubject-matches=
eap=peap;
identity=login@uni-freiburg.de
password=password
phase2-altsubject-matches=
phase2-auth=mschapv2

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=auto

Now there's a wicd config:

name = Eduroam Uni Freiburg
author = schneidm at informatik.uni-freiburg.de
version = 1
require identity *Username password *Password
optional ca_cert *Path_to_CA_Cert
protected password *Password
-----
ctrl_interface=/var/run/wpa_supplicant
network={
    ssid="$_ESSID"
    proto=RSN
    key_mgmt=WPA-EAP
    pairwise=CCMP TKIP
    group=CCMP TKIP
    eap=PEAP
    identity="$_IDENTITY"
    ca_cert="$_CA_CERT"
    password="$_PASSWORD"
    phase2="auth=MSCHAPv2"
}

But when I run 'wicd-client' and try to connect, it fails at the Authentication phase, stating that my password is bad (I triple-checked that it's the same as for connman and nm)

setting encryption info...
/usr/share/wicd/gtk/gui.py:583: Warning: Source ID 57 was not found when attempting to remove it
  gobject.source_remove(self.update_cb)
setting encryption info...
/usr/share/wicd/gtk/gui.py:583: Warning: Source ID 2263 was not found when attempting to remove it
  gobject.source_remove(self.update_cb)
ERROR:dbus.connection:Exception in handler for D-Bus signal:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/dbus/connection.py", line 230, in maybe_handle_message
    self._handler(*args, **kwargs)
  File "/usr/share/wicd/gtk/gui.py", line 281, in handle_connection_results
    error(self.window, language[results], block=False)
KeyError: dbus.String(u'bad_pass')

And here is my config for 'netctl'

Description='Freiburg University Network'
Interface=wlp4s0
Connection=wireless
Security=wpa-configsection
IP=dhcp
WPAConfigSection=(
    'ssid="eduroam"'
    'key_mgmt=WPA-EAP'
    'pairwise=CCMP TKIP'
    'group=CCMP TKIP'
    'eap=PEAP'
    'proto=RSN'
    'identity="login@uni-freiburg.de"'
    'password="password"'
    'ca_cert="/home/eichhorn/.config/wireless/g_rootcert.crt"'
    'phase2="auth=MSCHAPv2"'
}

And what 'systemctl status netctl@eduroam.service' returns:

● netctl@eduroam.service - Networking for netctl profile eduroam
   Loaded: loaded (/usr/lib/systemd/system/netctl@.service; static; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2016-11-03 12:34:27 CET; 52s ago
     Docs: man:netctl.profile(5)
  Process: 607 ExecStart=/usr/lib/network/network start %I (code=exited, status=1/FAILURE)
 Main PID: 607 (code=exited, status=1/FAILURE)

Nov 03 12:34:10 chrysalis systemd[1]: Starting Networking for netctl profile eduroam...
Nov 03 12:34:10 chrysalis network[607]: /etc/netctl/eduroam: line 6: unexpected EOF while looking for matching `)'
Nov 03 12:34:10 chrysalis network[607]: Starting network profile 'eduroam'...
Nov 03 12:34:26 chrysalis network[607]: WPA association/authentication failed for interface 'wlp4s0'
Nov 03 12:34:27 chrysalis network[607]: Failed to bring the network up for profile 'eduroam'
Nov 03 12:34:27 chrysalis systemd[1]: netctl@eduroam.service: Main process exited, code=exited, status=1/FAILURE
Nov 03 12:34:27 chrysalis systemd[1]: Failed to start Networking for netctl profile eduroam.
Nov 03 12:34:27 chrysalis systemd[1]: netctl@eduroam.service: Unit entered failed state.
Nov 03 12:34:27 chrysalis systemd[1]: netctl@eduroam.service: Failed with result 'exit-code'.

wpa_cli still says that it can not connect to supplicant.

Last edited by eichhorn (2016-11-03 11:44:10)

Offline

#6 2016-11-04 11:09:25

sagattarii
Member
Registered: 2008-11-10
Posts: 19

Re: [Solved] Eduroam - connecting with netctl

Please stop just changing random stuff if it is not working. First of all, why not use NetworkManager when it is working fine? You wrote something about losing connections but you didn't provide a log file for this. NetworkManager is afaik the "standard" and used by many DE users. If NetworkManager can connect, then the reason why the other managers are not working is probably bad configuration.
You provided an error in your first post but you never resolved it, instead you just ignored it and installed another network manager.

Nov 03 12:34:10 chrysalis network[607]: /etc/netctl/eduroam: line 6: unexpected EOF while looking for matching `)'

You start with "WPAConfigSection=(" but close the brackets with "}".

Offline

#7 2016-11-04 16:20:22

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

Thank you, sagattarii, that's probably it.

EDIT: Nope, still fails. I'm out of ideas.

Connman connects with this config

[global]
Name = eduroam
Description = 'Uni Freiburg eduroam'
[service_eduroam]
Type = wifi
IPv4 = dhcp
IPv6 = auto
Name = eduroam
Passphrase = password
Security = ieee8021x
EAP = peap
CACertFile = /etc/ca-certificates/trust-source/anchors/g_rootcert.crt
Identity = login@uni-freiburg.de
Phase2 = MSCHAPV2

And netctl returns

● netctl@eduroam.service - Networking for netctl profile eduroam
   Loaded: loaded (/usr/lib/systemd/system/netctl@.service; static; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2016-11-05 12:34:05 CET; 3min 32s ago
     Docs: man:netctl.profile(5)
  Process: 578 ExecStart=/usr/lib/network/network start %I (code=exited, status=1/FAILURE)
 Main PID: 578 (code=exited, status=1/FAILURE)

Nov 05 12:33:49 chrysalis systemd[1]: Starting Networking for netctl profile eduroam...
Nov 05 12:33:49 chrysalis network[578]: Starting network profile 'eduroam'...
Nov 05 12:34:05 chrysalis network[578]: WPA association/authentication failed for interface 'wlp4s0'
Nov 05 12:34:05 chrysalis network[578]: Failed to bring the network up for profile 'eduroam'
Nov 05 12:34:05 chrysalis systemd[1]: netctl@eduroam.service: Main process exited, code=exited, status=1/FAILURE
Nov 05 12:34:05 chrysalis systemd[1]: Failed to start Networking for netctl profile eduroam.
Nov 05 12:34:05 chrysalis systemd[1]: netctl@eduroam.service: Unit entered failed state.
Nov 05 12:34:05 chrysalis systemd[1]: netctl@eduroam.service: Failed with result 'exit-code'.

With this config

Description='Freiburg University Network'
Interface=wlp4s0
Connection=wireless
Security=wpa-configsection
IP=dhcp
WPAConfigSection=(
    'ssid="eduroam"'
    'key_mgmt=WPA-EAP'
    'pairwise=CCMP TKIP'
    'group=CCMP TKIP'
    'eap=PEAP'
    'proto=RSN'
    'identity="login@uni-freiburg.de"'
    'password="password"'
    'ca_cert="/etc/ca-certificates/trust-source/anchors/g_rootcert.crt"'
    'phase2="auth=MSCHAPv2"'
)

Last edited by eichhorn (2016-11-05 11:41:31)

Offline

#8 2016-11-07 10:48:33

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

Maybe this can help in determining the root of the problem?

When I power laptop on, connman connects with no problem, but if I turn wifi off or put it to sleep, it starts having problems. such as not connecting or dropping the connection after some time. If I turn wifi on/off, it will likely reconnect. Here's the output from connman-gtk:

When I start it:

(connman-gtk:12938): Gtk-WARNING **: Failed to get the GNOME session proxy: The name org.gnome.SessionManager is not owned

(connman-gtk:12938): Gtk-WARNING **: Failed to get the Xfce session proxy: The name org.xfce.SessionManager is not owned

(connman-gtk:12938): Gtk-WARNING **: Failed to get an inhibit portal proxy: The name org.freedesktop.portal.Desktop is not owned

When it disconnects:

** (connman-gtk:12938): WARNING **: failed to scan wifi: Timeout was reached

And when I try to reconnect:

** (connman-gtk:12938): WARNING **: failed to toggle connection state: GDBus.Error:net.connman.Error.OperationAborted: Operation aborted

** (connman-gtk:12938): WARNING **: failed to toggle connection state: GDBus.Error:net.connman.Error.OperationAborted: Operation aborted

** (connman-gtk:12938): WARNING **: failed to toggle connection state: GDBus.Error:net.connman.Error.OperationAborted: Operation aborted

** (connman-gtk:12938): WARNING **: failed to toggle connection state: GDBus.Error:net.connman.Error.OperationAborted: Operation aborted

** (connman-gtk:12938): WARNING **: failed to toggle connection state: GDBus.Error:net.connman.Error.OperationAborted: Operation aborted

** (connman-gtk:12938): WARNING **: failed to scan wifi: GDBus.Error:net.connman.Error.Failed: Device or resource busy

** (connman-gtk:12938): WARNING **: failed to scan wifi: GDBus.Error:net.connman.Error.Failed: Device or resource busy

** (connman-gtk:12938): WARNING **: failed to scan wifi: GDBus.Error:net.connman.Error.NoCarrier: No carrier

In my home wifi network with simple 16-character wpa password everything works nice (at leart with netctl, didn't try with connman, since it just works).

Maybe I should run some tests? I will provide any output you may need. I'd really love to get everytning to netctl.

Offline

#9 2016-11-07 20:30:55

cmlr
Member
From: Rochester, NY, USA
Registered: 2007-04-18
Posts: 99

Re: [Solved] Eduroam - connecting with netctl

According to this bug discussion, you should change your configuration from

'phase2="auth=MSCHAPv2"'

to

'phase2="auth=MSCHAPV2"'

That is, capitalize the letter "V".

Last edited by cmlr (2016-11-07 20:55:52)

Offline

#10 2016-11-09 09:22:04

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

Thank you very much, cmlr!
It actually worked.

Offline

#11 2016-11-15 08:42:11

Arvids
Member
Registered: 2016-02-01
Posts: 4

Re: [Solved] Eduroam - connecting with netctl

Did netctl work better with Eduroam than NetworkManager?

Offline

#12 2016-11-15 19:09:35

eichhorn
Member
Registered: 2016-10-27
Posts: 8

Re: [Solved] Eduroam - connecting with netctl

I would say yes. It reconnects more reliably and generally seems to have less issues with connections. Overall, I'd say that my laptop stays connected more and I had no problems connecting, while there were times with NetworkManager when my phone was able to maintain connection while NM was just reconnecting constantly.

However, quality of our university network fluctuates and this is probably rather subjective. But I do not want to return to NM at all.

Offline

Board footer

Powered by FluxBB