This is based on a forum post on setting up a PEAP/MSCHAPV2 connection manually. That webpage contains a number of examples on connecting to Eduroam, and some additional notes on the results.
Connecting using the script provided in the Linux section of the StrathWifi setup page does not function well in this case, missing a dependency even in a fully updated Raspberry pi. The method outlined below was found to work with Raspbian 9 (Stretch) but was originally documented in 2015, under Raspbian Wheezy.
In order to connect to Eduroam, you need a Wi-Fi login.
This takes the form of the standard /DS username abc12345 appended with @strath.ac.uk to resemble abc12345@strath.ac.uk, and an accompanying password, denoted <PASSWORD>.
The security of your private login is very important; therefore, the first step is to hash your password to a form that the computer may understand but is not human readable plain-text.
A hashed password can be generated by entering the following command in the raspberry pi terminal, which stores the result in hash.txt at the current location.
echo -n <PASSWORD> | iconv -t utf16le | openssl md4 > hash.txt
Note: The < and > symbols around <PASSWORD> indicate an item of data to be replaced and should not be included in addition to your normal password.
The > symbol before hash.txt, however, is an operator that will print the command output to file and, thus, should be included as written above.
The command above is stored in the Raspberry Pi's command history as plain-text and should therefore be removed to ensure security. This can be done by examining the command history via
history
Note the <LINE_NUMBER> of the command used in 1, then permanently remove this with
history -d <LINE_NUMBER>
The next step is to alter the Raspberry Pi's /etc/wpa_supplicant/wpa_supplicant.conf file using a text editor such as nano
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
This should then be appended to resemble the example below.
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=GB
network={
ssid="eduroam"
priority=1
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP
auth_alg=OPEN
eap=PEAP
identity="<USERNAME>@strath.ac.uk"
password=hash:<HASHED_PASSWORD>
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
Note: Here <USERNAME> is the standard /DS username of the form abc12345.
The <HASHED_PASSWORD> is the alpha-numeric string extracted from the hash.txt file created above, resembling
(stdin)= <HASHED_PASSWORD>
After saving the changes to /etc/wpa_supplicant/wpa_supplicant.conf the Raspberry Pi will need rebooted for the changes to take effect.
This can be conducted using the standard command
sudo reboot
Upon verifying that a successful connection has been made, the hash.txt file is no longer necessary and can be deleted by
rm hash.txt
This concludes the Eduroam Wi-Fi setup process.
Troubleshooting: Additional information can be located in the help and man pages of the above commands as well as in the original forum post.