1*dd1cd640Snia# $NetBSD: wpa_supplicant.conf,v 1.5 2023/10/10 07:21:00 nia Exp $ 2d5d98969Shubertf# 38797028bSspz# example wpa_supplicant config 48797028bSspz# 58797028bSspz# please refer to the wpa_supplicant.conf man page 68797028bSspz 78797028bSspz# wpa_cli and dhcpcd won't work well if you have no ctrl_interface set 88797028bSspz# the value must be a directory, the sockets will be named after the interfaces 98797028bSspzctrl_interface=/var/run/wpa_supplicant/ 108797028bSspz 118797028bSspz# if non-root should be allowed to send wpa_supplicant commands via wpa_cli 128797028bSspz# name a group whose members will be Allowed(tm) 138797028bSspzctrl_interface_group=wheel 148797028bSspz 15*dd1cd640Snia# an unencrypted network 16*dd1cd640Snianetwork={ 17*dd1cd640Snia ssid="Freifunk" 18*dd1cd640Snia key_mgmt=NONE 19*dd1cd640Snia priority=10 20*dd1cd640Snia} 21*dd1cd640Snia 22f8f91eb8Shubertf# simple WPA-PSK, a favourite with conferences and hotel networks 23f8f91eb8Shubertfnetwork={ 24f8f91eb8Shubertf ssid="SomeConference" 25f8f91eb8Shubertf key_mgmt=WPA-PSK 26f8f91eb8Shubertf psk="secretKey" 27*dd1cd640Snia priority=20 28f8f91eb8Shubertf} 29f8f91eb8Shubertf 30f8f91eb8Shubertf# a private WPA-PSK that doesn't broadcast its SSID 31f8f91eb8Shubertfnetwork={ 32f8f91eb8Shubertf ssid="HomeSweetHome" 33f8f91eb8Shubertf key_mgmt=WPA-PSK 34f8f91eb8Shubertf psk="secretKey" 35f8f91eb8Shubertf scan_ssid=1 36*dd1cd640Snia priority=30 37f8f91eb8Shubertf} 38f8f91eb8Shubertf 398797028bSspz# WEP .. all the stopping power of a "please keep off the lawn" sign 408797028bSspz# least common denominator "security" so it's formally not open 418797028bSspznetwork={ 428797028bSspz ssid="TheLawn" 438797028bSspz key_mgmt=NONE 448797028bSspz wep_tx_keyidx=0 458797028bSspz #wep_key0="pleasekeepoff" 468797028bSspz wep_key0=706c656173656b6565706f6666 478797028bSspz priority=2 488797028bSspz} 498797028bSspz 508797028bSspz# using eduroam for more examples: 518797028bSspz 528797028bSspz## eduroam with PEAP/MSCHAPv2 538797028bSspz#network={ 548797028bSspz# ssid="eduroam" 558797028bSspz# scan_ssid=1 568797028bSspz# 578797028bSspz# # The 'identity' is the username used for authentication. 588797028bSspz# identity="user1234@your.university.domain" 598797028bSspz# 608797028bSspz# # add yours 618797028bSspz# password="myPassword" 628797028bSspz# 638797028bSspz# # download a fitting CA cert and put the path to it here 648797028bSspz# ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem" 658797028bSspz# 668797028bSspz# # where the authentication requests should be routed to 678797028bSspz# anonymous_identity="anonymous@your.university.domain" 688797028bSspz# 698797028bSspz# key_mgmt=WPA-EAP 708797028bSspz# auth_alg=OPEN 718797028bSspz# eap=PEAP 7223ab784fSgutteridge# phase2="auth=MSCHAPV2" 738797028bSspz# 748797028bSspz# priority=5 758797028bSspz#} 768797028bSspz# 778797028bSspz## eduroam with EAP-TLS 788797028bSspz#network={ 798797028bSspz# ssid="eduroam" 808797028bSspz# scan_ssid=1 818797028bSspz# 828797028bSspz# # The 'identity' is the username used for authentication. 838797028bSspz# identity="user1234@your.university.domain" 848797028bSspz# 858797028bSspz# client_cert="/home/you/eduroam/user.cert" 868797028bSspz# private_key="/home/you/eduroam/user.key" 878797028bSspz# private_key_passwd="s3kr3t" 888797028bSspz# 898797028bSspz# # download a fitting CA cert and put the path to it here 908797028bSspz# ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem" 918797028bSspz# 928797028bSspz# # where the authentication requests should be routed to 938797028bSspz# anonymous_identity="anonymous@your.university.domain" 948797028bSspz# 958797028bSspz# key_mgmt=WPA-EAP 968797028bSspz# auth_alg=OPEN 978797028bSspz# eap=TLS 988797028bSspz# 998797028bSspz# priority=4 1008797028bSspz#} 1018797028bSspz# 1028797028bSspz## eduroam with TTLS+PAP 1038797028bSspz#network={ 1048797028bSspz# ssid="eduroam" 1058797028bSspz# scan_ssid=1 1068797028bSspz# 1078797028bSspz# # The 'identity' is the username used for authentication. 1088797028bSspz# identity="user1234@your.university.domain" 1098797028bSspz# 1108797028bSspz# # add yours 1118797028bSspz# password="myPassword" 1128797028bSspz# 1138797028bSspz# # download a fitting CA cert and put the path to it here 1148797028bSspz# ca_cert="/etc/openssl/certs/eduroam-CA-cert.pem" 1158797028bSspz# 1168797028bSspz# # where the authentication requests should be routed to 1178797028bSspz# anonymous_identity="anonymous@your.university.domain" 1188797028bSspz# 1198797028bSspz# key_mgmt=WPA-EAP 1208797028bSspz# auth_alg=OPEN 1218797028bSspz# eap=TTLS 1228797028bSspz# phase2="auth=PAP" 1238797028bSspz# 1248797028bSspz# priority=3 1258797028bSspz#} 1268797028bSspz# 127