# This is /etc/wpa_supplicant/wpa_supplicant.mycon.conf .
#
# Copyright 2022 nona
# License: Gnu Public License version 3 (GPLv3)
#
# Change the password (and SSID) as needed
# Use like this:
#   chmod 600 /etc/wpa_supplicant/wpa_supplicant.mycon.conf
#   wpa_supplicant -Dwired -B -ieth0 -c/etc/wpa_supplicant/wpa_supplicant.mycon.conf
#   dhcpcd -i eth0
#
# To terminate the connection
#   wpa_cli terminate
#   dhcpcd -k
#
# Tested on Parabola GNU/Linux
#   dhcpcd 9.4.1
#   wpa_supplicant v2.10
#   linux-libre 5.18.12-gnu
#
# Alternatively, if using OpenRC, rename this file to- or
# create a symlink to this file from
# /etc/wpa_supplicant/wpa_supplicant.conf (see
# /etc/init.d/wpa_supplicant.conf), then
#   rc-service dhcpcd start
#
# (dhcpcd loads wpa_supplicant)

# https://wiki.archlinux.org/title/Wpa_supplicant
# Giving configuration update rights to wpa_cli
ctrl_interface=/run/wpa_supplicant
# enable users without root access  to connect to wireless networks and use wpa_clix
ctrl_interface_group=wheel
# store changes made with wpa_cli
update_config=1

# https://bbs.archlinux.org/viewtopic.php?id=188783
# https://wiki.archlinux.org/title/Wpa_supplicant#802.1x/radius
# Wired Ethernet drivers
ap_scan=0
# # Wireless
# ap_scan=1

network={
    key_mgmt=IEEE8021X
    eap=PEAP
    # The name does not really matter
#   ssid="network name"
    # This is the one recommended by my current provider
    ca_cert="/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem"
    # Quotes should remain
    identity="my username"
    password="mycomplicated password"
    # Does not work
    # To get psk, run:
    #   wpa_passphrase campusroam <passphrase>
	# psk=79ca4b0df794ca14a824a5254199b914c17cab47ddcdd3d4b3532fcd23bac2bd

    # # You can omit this (MSCHAPv2 is the default)
    # phase2="autheap=MSCHAPV2"
}

# wpa_cli
# > status
# bssid=<your bssid>
# freq=0
# ssid=<your ssid>
# id=0
# mode=station
# pairwise_cipher=NONE
# group_cipher=NONE
# key_mgmt=IEEE 802.1X (no WPA)
# wpa_state=COMPLETED
# address=<your MAC>
# Supplicant PAE state=AUTHENTICATED
# suppPortStatus=Authorized
# EAP state=SUCCESS
# selectedMethod=25 (EAP-PEAP)
# eap_tls_version=TLSv1.2
# EAP TLS cipher=AES256-GCM-SHA384
# tls_session_reused=0
# EAP-PEAPv0 Phase2 method=MSCHAPV2
# eap_session_id=<something very long>
# uuid=<an UUID>