Scripting with nmcli to connect RADIUS/WPA2 Enterprise Wi-Fi network

Recently there is a challenge that came from work. A batch of Linux client machines that are going to be deployed onsite need to connect to enterprise Wi-Fi with RADIUS authentication server.

Due to the sheer number of client machines, it is impractical to configure them individually using NetworkManager's GUI. So I decided to write a small script that automates this process by utilizing the command-line interface of NetworkManager: nmcli.

The script is very straightforward: it reads the desired IP address, turns on Wi-Fi radio and connect to a pre-configured Wi-Fi network with static IP and manual DNS/gateway settings.

#!/bin/bash

currentstaticip=$(ip -4 --brief address | grep -m1 192.168 | awk '{print $3}')
echo "The static IP address of $HOSTNAME is $currentstaticip"

# Turn Wi-Fi on and scan for Wi-Fi signals
nmcli radio wifi on
sleep 3

# Configure wlan0 connection
nmcli con modify wlan0 802-11-wireless.ssid THE-SSID

nmcli con modify wlan0 802-1x.eap peap 802-1x.identity THE-IDENTITY \
802-1x.password THE-PASSWD \
802-1x.phase2-auth mschapv2 \
802-11-wireless-security.key-mgmt wpa-eap

nmcli con modify wlan0 ipv4.method manual
nmcli con modify wlan0 ipv4.address $currentstaticip
nmcli con modify wlan0 ipv4.dns 8.8.8.8,1.1.1.1
nmcli con modify wlan0 ipv4.gateway 192.168.x.1

# Connect
nmcli con up "wlan0"
nmcli con modify "wlan0" wifi.hidden yes

The only part that required trial and error is the sequence in which security and identity information is supplied to the RADIUS server. Every RADIUS setup is different and what worked in this scenario may not work under a different setup. On the other hand, there's not a lot of scripting examples out on the internet that deal with enterprise Wi-Fi. All in all, it took me a few hours to read the man pages and come up with this solution.

Hope it will bring value to people who are struggling with similar problems.

How Unix tools help me decide baby names

As a father-to-be, I'm both thrilled and terrified to be expecting a baby. Of all things I should do right now, the most practical thing would be to come up with a name. However, out of thousands if not tens of thousands first names out there, how to pick the one?

I am not very creative at naming people or pets, and I'm very picky at the same time. As we would likely to have multiple children down the road, we definitely need to come up with a system to help us name them. Say the maximum possible number of children we would have is six, we would want each child's name starts with a different letter. Together these letters would form a word with a beautiful meaning. I take inspiration from Brian W Kernighan's book UNIX: A History and a Memoir, in which he writes a story about using grep and regular expression to help a friend find words (from the dictionary on his Unix system) matching an upside-down calculator screen. I thought it was funny when I first read about it, but now I think it just might be what I need to try.

So here is the gist. I'm going to find all six-letter words from a dictionary and pick one. The word can have capitalized or small first letter, but it should not contain repeating letters.

First, I run the following command again a dictionary file commonly found on Linux and BSD machines (on macOS it's /usr/share/dict/web2). The purpose is to extract all six-letter words and store them to a temp filed called `upper_unprocessed'

~$ grep -E '^[[:upper:]][[:lower:]]{5}$' /usr/share/dict/web2 > upper_unprocessed

Next, we need to process the upper_unprocessed file. I first convert capitalized letters to lower letters, piping the results to grep to find the words that do not have any repeating letters (notice the -v flag). Finally, I capitalize the first letter of each word, essentially restoring their original look. The cleaned up list is now stored in upper file.

~$ tr [:upper:] [:lower:] < upper_unprocessed | grep -Ev '(.)(.*\1){1}' | sed -E 's/(.)/\u\1/' > upper

Now that we have upper case words taken care of, let's look at lower case words. We find six-letter words from web2 dictionary and get rid of the ones with repeating letters, store them in lower file.

~$ grep -E '^[[:lower:]]{6}$' web2 | grep -Ev '(.)(.*\1){1}' > lower

Finally, we cat display both upper and lower files, sort all the words alphabetically (albeit ignoring the case with -f flag) and output them to a file called combined.

~$ cat upper lower | sort -f > combined

Voila! Here is a sneak peak of the resulted combined file:

abdest
Abdiel
abduce
abduct
abeigh
abider
Abipon
abject
abjure
ablest
...
begoud
begowk
begray
begrim
Beguin
begulf
begunk
behalf
behind
behint

A quick wc -l shows over 8000 lines (or words, in this case), giving us plenty of choices. A quirk I found during the process is that how unused I am to BSD version of these tools. I learned the command line by using Linux and are used to GNU version of things. Dealing with regex on a BSD machine is a little weird and frustrating. As a result, I grabbed the dictionary file from a Mac and did the processing inside a Debian system.

I would tell you that the final choice is the word family, which totally checks all the boxes and means a lot to, well, a family. Credits go to Unix tools!

How I Got Into Computers (Part II)

First PC

I assembled my first PC in the summer between middle school and high school. Prior to that summer, it was a pro-longed period we had to study for the high school entrance examination. A gaming PC was sort of my reward after years of hard work.

The PC was built with budget in mind. In fact, I tried my very best to fit the most capable hardware within the budget. It has an AMD Athlon 3-core CPU, 4GB of RAM and Radeon HD6750 graphics card. Not a powerhouse, but it was good enough for 3A games to run smoothly on a 22 inch monitor with mid to high settings. I played tons of games that summer inside my room without A/C. Sweat dripped from my elbow to the floor like a waterfall. I couldn't care less about the heat and fan noise when I dived into games. I caught up with all the games I missed due to busy school work, or at least I think I did.

Besides gaming, it was a lovely summer all by itself. I hung out with friends to restaurants and shopping centres; tried a lot of things for the first time; even dated my first girlfriend.

High School

Summer quickly went by and high school was upon me. Since the campus was far from the city, nearly all student had to live in the student residence. It was essentially a boarding school experience. We would stay on campus for 5 days and go home for the weekend. The caveat is that I don't get to have a computer at school. Laptops are not forbidden in the residence per se, but we didn't have much free time to spend at residence. Computers became useless.

In the early 2010s, we saw the wake of smart phone. Almost all the kids had one, be it smart or not. My first phone was purchased within the first couple of months into high school. It was a Meizu M8, a highly customized Windows CE phone with iPhone 3GS as its design goal. It has a beautiful 3.5 inch screen and a home button, just like the iPhone. Software-wise, it was pretty barebone: basic utilities and a few third party apps like QQ and UC Browser. Beside texting SMS and chatting on QQ, I main used the phone to do social media in the browser, read news in text-based RSS feed, and listened to music (pre-loaded, of course). It served me well for 2 years in high school. I still miss the dense feeling of holding the M8 on hand.

O Canada

At the final year of high school, my family and I decided to continue my education in Canada. I arrived at Pearson International Airport alone, a month before my 18th birthday. Going from China to Canada is one of the biggest events in my life. It is a topic for another blog post.

As for tech equipments, I brought with me the trusty ASUS laptop I mention in Part I of this series. It was old and shit after years of tinkering, but still working. About 2 months into new life, I started to notice the rather frequent sales event on Dell website... hmm, capitalism began its work. Jokes aside, I really needed a more capable machine for everything I do, and some photography needs. I pulled the trigger: first time in my life, I spent one thousand Canadian dollars buying something without consulting my parents. It was the moment when I started to take responsibilities of my own finance. It was a Dell Inspiron 17-inch laptop with i7 and 8GB of RAM. It only had integrated Intel graphics: I tried to distant myself from gaming on this thing; honestly though, I didn't want to spend more money on a NVIDIA graphics card.

As it turned out, this big boy served me well for over 3 years. With a 17-inch 1080P screen, it acted like a desktop replacement. Sadly, I accidentally poured water over it while I was travelling in Xiamen, China, and it started to have weird issues ever since.

Early University Life: Google v. Apple

University life is colourful in terms of tech gears. As a freshman, I was tired of having to dragging my big Dell around the campus. So, I decided to try out Chromebook: I ordered a Toshiba 13-inch Chromebook some time in 2014 for around $300. It was a great purchase! Chromebook was a perfect balance between weight, price and functionality. I was able to write notes, collaborate on Google Docs and browse the web on this mighty little machine with hours and hours of battery life. The screen sucked, and so was the keyboard, but those things mattered far less to me back then than they are now.

I used to be a Google fanboy with Google tech equipped to teeth. Google's services were awesome and I took so much advantage of them. It wasn't until late 2018 I started to distant myself from Google ecosystem (and everything else that doesn't respect user privacy). My last Google hardware was the original Pixel phone, purchased only a few days after it launched in September 2016.

I went ahead of myself. Let's get back to 2015. That year, I got rid of my big Dell and moved onto a used MacBook Pro 13 (late 2013 model). It was beautiful and elegant. I couldn't tell if it's the retina display, but I felt so comfortable even after long hours of using it. I also bough an iPad Air 2 and iPhone 6, knowing that I would go to Germany for internship. I was very critical towards the Apple way of doing things, though. As a Google fanboy, I even engraved "Google Nexus" when I ordered my iPad, which I still use everyday. If it were a Nexus tablet, it would probably have become a pile of electronic trash after the last security update. How ironic.

I brought the MacBook Pro with me to Germany. During the first few months, I had bug bugs infested in my apartment (ouch). I moved a few times trying to get rid of those foul creatures. Eventually I figured out that I could freeze my luggage at -20 degC for over 48 hours to kill the eggs. So I did, with the help of my manager, along with the Mac inside my luggage. I did this treatment 2 times and it survived! The battery life wasn't even affected by much.

Along with the Mac, I also brought the Chromebook. What happened to this machine is worth mentioning. I gave it away to my roommate in Germany, who was a student from Syria, stranded financially because of the Syrian War in 2015. By gifting this laptop to him, I felt I did something good.

How I Got Into Computers (Part I)

In this (series of) blog post(s), I'd like to share how I got into computers and technology in general. More specifically, I will tell you a bunch of stories in a chronological order based on my memories. Some of these early childhood memories are quite blurry at this point; the details may or may not be accurate. I will try my best to put the context in place.

That being said, it's nothing sensitive or anything in that nature. I'm just trying to write down my memories and thoughts before I lose even more details down the road. If my stories ever bore interest you, I'd be glad to hear.

Windows Me

I was born in a somewhat privileged family somewhere in China. My dad attended a technology university with military background in the 1980s and stayed for teaching until the year I went to elementary school. As a result, I spent most of my early childhood days in a semi-militarized neighbourhood with kids who had exact same background as I did. In Chinese, the word "部队大院" is used to describe such a neighbourhood. It was quite common, especially in the north part of China.

My family is not among the super early adopters of computers, despite my dad's program involved with lots of computers (I think). By the time I started to memorize things, we still didn't have a computer at home.

The first computer we had was brought by one of my dad's colleague. It has a Sun Microsystems keyboard, a small but bulky CRT monitor, and a vertical style PC case. It was DIYed for cheap, but it was a generic x86 machine with an Intel processor. In early 2000s, computer was still a rare thing in common Chinese households, let alone internet access. My dad and his friend loaded the operating system, drivers (oh yes) and some games using floppy disks.

I started typing and playing around with this incredible machine. The OS was Windows Me, and I specifically remembered them saying it's newer than Windows 98. Only after many years I realized how badly received this version of Windows were. But none of it I cared; all I wanted to do is playing Command & Conquer: Red Alert and Age of Empires. So I did, for many preschool days.

I skipped the final year of kindergarten due to medical operations. Instead, I spent my flee time equally among playing with kids in the neighbourhood, looking after my fleet of rabbits, and playing single-player games on the PC.

It's worth mentioning my parents education philosophy. The computer was sitting in my room with no password or restrictions of any sort. I was free to use it basically any time I wanted. However, my parents never said the computer belonged to me; I was essentially "borrowing" it from my parents. They didn't have to set up a hard limit on how many hours I could play in a week since I never abused my privilege nor ruined my parents' trust. Or I did and they just didn't find out? Anyways, my relationship with my parents never got tense because of the use of tech. I thank them for giving me space to play and learn.

Computer Class

My elementary school had computer class: "microcomputer class" , as it is translated literally. Some 80+ school children wearing shoe wrappers would rush into a hot computer lab and start banging on datacenter styled plastic floor and on the keyboards. We certainly had curriculum, but I can't remember what it was because we were all too excited playing Flash games on some sketchy websites under the teacher's nose.

At some point we learned how to type (obviously) and how to manipulate Microsoft Word documents. Drawing graphics by typing commands is also part of the outcome. I wonder if China's elementary schools still have computer class in the age of iPads; and if they do, how does it differ from the class 20 years ago.

First Laptop

Fast forward to 2007, my dad brought home an ASUS 14-inch laptop and it effectively became my main computer. It was a cheap office laptop by any standard, but it was truly my first computer, which I can freely tinker with.

Around the same time we had internet access at home. I believe it was DSL PPPoE connection running at 2 Mbps down. The technician said we would need a special client on Windows in order to dial up (soon proved to be false as I connected successfully in Ubuntu).

Unlike my peers who were deeply into MMORPG games, my passion was hacking operating systems. By hacking I don't mean programming, as I'm still not a programmer as of today. I messed around with Windows XP as much as I could, trying to make it do what I wanted it to do. Eventually, at some point, I broke the stock install, and I was forced re-installing the operating system. That was when I went down the rabbit hole of "factory manufacturing" USB flash drives. With a dozen or so USB drives I collected, I flashed them using special tools, making partitions and loading multiple ISO images. I destroyed a few of them in the process, but remained largely successful. It was so satisfying that I ended up offering my magic USB drives to friends. No one was interested, obviously. However, they proved to be useful over the years and one of the USB drive remained in my pencil case to this date.

With these USB drives, I hopped among OSes with style. I ran WinPE in the USB drive to rescue system and try out live environment. I installed different variants of Windows XP ghost images that were popular in the Chinese market. Shameless to say, I swam in the sea of pirated software and operating systems. Does anyone know Deepin started out as a Windows XP image maker? Shady stuff nobody wants to bring up anymore nowadays.

My first point of contact with Linux was around that time. Back in 2008, Ubuntu already had a fairly large Chinese community around it. I got a bit bored messing around with Windows XP, and decided to try Ubuntu because it's free (as in beer; also free from safety hazardous of running pirated software). Normally I would spend hours configuring a fresh Windows XP install; I ended up spending days if not weeks configuring Ubuntu to my liking. I heavily relied on QQ (Tencent's version of ICQ) to socialize with my friends and classmates, so I had to make QQ work under Linux. The only option was using Wine, and the combination brought disaster for an absolute Linux newbie, me. I nuked and paved a few times before I finally gave up upon the idea of using Linux as a daily driver. I was not ready for Linux at that moment. However, Linux had planted a seed inside my mind; the freedom to tinker deeply attracted me and eventually made me come back some 10 years later.

The Computer Kid

During middle school, I became the computer kid who helped friends and family maintain their computers and install basic software from time to time. I would carry a USB drive in my schoolbag in case of someone needed a dose of Windows XP or Foobar2000.

The reputation spread, in ways I didn't expect. One day, one of my teachers asked me very nicely if I could help her with a wonky laptop. I was absolutely thrilled and terrified at the same time! This particular lady was famous for being super harsh on students and nobody ever wanted was to be summoned to her office. I, on the contrary, was invited. I went to her office with zero expectations, and she treated very nicely. I didn't know how to behave, so I did my job (reloading Windows XP like I did a million times) and got the hell out of there as fast as I could. After that day, though, she never gave me a hard time in her class, ever.

Oh, should I mention that I met my girlfriend - now wife - by teaching her how to troubleshoot computers over on QQ? I will save that story for another day I guess. For now, it's time to wrap up Part I.