The following instructions assume using the NetworkManager; they were tested on Fedora Linux 20. The graphical interface might differ a bit from the below screenshots depending on the desktop environment in use, but the required data should be the same. Two protocols can be used for authentication using HITS eduroam IDs: PEAP/MSCHAPv2 and TTLS/MSCHAPv2. The two protocols are similar, there is no preference for using one or the other.
Step 1. Click on the WiFi icon, typically found in the upper right screen corner, and choose “eduroam”.
Step 2. You will be asked to fill in authentication details.
Using PEAP/MSCHAPv2 requires the following settings:
Using TTLS/MSCHAPv2 requires the following settings:
Step 3. Click on the WiFi icon again and choose “eduroam”. If “Ask for this password every time” was checked (as recommended) in Step 2, you'll be asked for a password - this is the same password that you use to access your e-mail. After entering the password, the authentication should succeed and access to the “eduroam” network should be granted.
Starting from Fedora 33, the settings for crypto algorithms have become more stringent, such that the certificate used above is no longer considered valid and the eduroam authentication fails. The settings can be switched back to the ones in Fedora 32 with the command (run as root):
update-crypto-policies --set DEFAULT:FEDORA32
followed by a restart of the computer.