On Wed, 25 Sep 2019 at 12:33, Paul Menzel <[email protected]> wrote: > On 25.09.19 12:27, Andrew Zaborowski wrote: > > I replied to that issue but provisioning EAP networks other than > > through the config files is not currently on IWD's todo list. You > > didn't really explain your use case. The logic is that the user > > shouldn't have to touch that configuration, it should be enough for > > them or their admin to drop the network's configuration file into > > /var/lib/iwd. There is specific code in the NM iwd-backend to make > > sure no extra NM-side configuration is required after this is done > > correctly. > > > > ... > > There are self-managed devices. In our case these are scientists using > the Eduroam net. It was possible to configure such a network before > using the GNOME WiFi dialog, and I think it should continue to be supported.
So I know Eduroam admins may not be very cooperative but they still have to provide users with the certificate file, the private key and hopefully some instructions on the site's Eduroam configuration (the EAP methods and other details vary between campuses) so it'd actually be easier for them to provide the config file directly, and it'd also be easier for their users. This can also be done by one your users provided everyone has their certificate and private key already. I believe there's now also an auto-configuration tool for eduroam called CAT. Maybe you should also address proposals to that project. When I was an eduroam user myself I didn't use CAT, I actually used the GNOME nm-applet's wifi dialog to configure access but it took me many attempts and was far from the ideal way to do this. I remember the admins did provide mac-compatible config files and today I'd much prefer to simply convert that using our script (in tools/ios_convert.py) than to have to guess individual eap settings. I don't believe the script has been tested with eduroam yet. > > Also it looks like, the password is stored in plain text in the iwd > configuration file (in some examples). While this is not recommended the password can be stored in the config file so that you don't have to type it through the secrets dialog every time, it's your or the admin's choice. Best regards _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
