RIT Linux Wiki

A collection of information on how to access university resources at RIT using Linux Operating Systems.

View on GitHub

Connecting to the RIT eduroam network under Linux - iwd

iwd Tutorial

This is the complete instruction list for configuring iwd. This was tested on a clean Arch install ISO. File location may differ across distributions. If directories don't exist, check your distribution's documentation for the correct location of the files.


The following is required to use this configuration:


All commands starting with $ can be used as your standard user. All commands using # require to be run as root, generally by preceding the command with sudo.

  1. Generate a personal certificate according to this tutorial.

  2. Run the following command to determine what network interfaces you have available. This tutorial assumes a network interface of wlan0.

# ip link

This command will list all available network interfaces. lo (Loopback), eth (Ethernet) and veth (Virtual Ethernet) devices can all be ignored for the purposes of this tutorial.

  1. Move both the RIT CA Cert and the encrypted .pem file into the following directory: /var/lib/iwd. This can be done by running the following command:
# cp location/of/pemFile /var/lib/iwd/

This command must be run as root, as the default user does not have permission to create files in this directory.

  1. In the same directory, create a configuration file named eduroam.8021x. In it, input the following information:


Replace abc1234@rit.edu with your RIT email. Ensure that the name of the pem file matches the name written in eduroam.8021x. Do not change the EAP-Identity line.

  1. Run the following command as root (or with sudo):
# iwctl station wlan0 connect eduroam

This tells iwd to connect to the eduroam WiFi network, using the network interface wlan0. This will prompt you for the password to the .pem file you downloaded. Enter that now.

  1. (Optional) Run the following to ensure that your connection is working:

This command tests the ability to talk to the Quad9 DNS Service. If the command returns an error, then you are not connected to the eduroam network (or any other network, for that matter).


For any devices having issues, see this article on the ArchWiki to start the debugging process. Common problems include:

EAP server tried method 13 while client was configured for method 21
EAP completed with eapFail
4-Way handshake failed for ifindex 4, reason: 23

See Also