wpa_supplicant Uni Wifi

I worked out how to use wpa_supplicant on Ubuntu to do 802.1X authentication at University on my x40 ThinkPad.

It's just a case of getting it all in the right order and getting the CA certificate from somewhere (I exported mine from my Mac under OS X which of course - justs works)
The crucial bits that took me a while where putting ap_scan=0 outside of the network brackets. Now I think about it its obvious thats its a global option but I didn't notice it in the manual. This allows the driver to do the scanning of SSIDs as apposed to wpa_supplicant - the secure uni network is hidden and without this debug output indicated that it was not finding the network. Also for my network I think I have to ensure that I use phase1="peapver=0" I worked that out when I was getting my Nokia E61 running Symbian to working on the same network.

my wpa_supplicant file now looks like this:

burt@bobby:/etc/wpa_supplicant$ cat wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ap_scan=0
network={
ssid="SHU-USS"
key_mgmt=WPA-EAP
eap=PEAP
identity="myusername"
password="password"
ca_cert="/home/burt/certificates/myunicertifcate"
phase1="peapver=0"
phase2="auth=MSCHAPV2"
}

and after that I just start up wpa_supplicant
burt@bobby:/ sudo wpa_supplicant -Bw -ieth1 -c/etc/wpa_supplicant/wpa_supplicant.conf

and then getting a dhcp address:

burt@bobby:/etc/wpa_supplicant$ sudo dhclient eth1


Now I have this working I might think about trying to work out what keep causing nm-applet (the default way of managing to wifi in ubuntu 7.10) to fall over after connecting to the network if I can find the time. For the moment it works and thats what I care about. I get to stay in Linux for longer - which on this laptop is much faster and much as I hate to sound like a fanboi works better than Windows (for my uses) a large amount of the time (wpa Enterprise networks apart).

Update:
Interesting gotcha - wpa_supplicant seems to only work after I run it up with ap_scan=2 in the wpa_supplicant.conf file (which fails) then change it back to ap_scan=0 and run up wpa_supplicant again. - this is after the x40 has been in hibernation.