Versions Compared

Old Version 1

changes.mady.by.user wqx+qmnstigwu5kzxaiskxnikzy@idp.company.ja.net

Saved on

compared with

New Version Current

changes.mady.by.user Alejandro Perez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Numberedheadings

System Preparation

First, there are a few Ubuntu configuration options that need to be set in advance.

Add the Moonshot Repository

  1. Add the Moonshot Debian Wheezy repository to your system. To do this, run the following command (as root, or using sudo):

    bash

  2. Install the Moonshot GPG key:

    bash

  3. Update the apt cache with the new repository information:

    bash

Moonshot GSS Mechanisms

Create a new file at /usr/etc/gss/mech (you will likely need to create the /usr/etc/gss directory) with the following content:

true

In the future we hope for this step to be done automatically on installing the software. For now, however, this is a manual step.

Install updated font-config packages

Ubuntu 12.04 LTS ships with versions of fontconfig-config and libfontconfig that are a little too old for Moonshot. We need to update these packages with newer versions.

  1. Download the following two packages:
    1. fontconfig-config:
      1. (64 or 32 bit) http://launchpadlibrarian.net/113189380/fontconfig-config_2.10.1-0ubuntu3_all.deb
    2. libfontconfig1:
      1. (64 bit) http://fr.archive.ubuntu.com/ubuntu/pool/main/f/fontconfig/libfontconfig1_2.10.1-0ubuntu3_amd64.deb
      2. (32 bit) http://fr.archive.ubuntu.com/ubuntu/pool/main/f/fontconfig/libfontconfig1_2.10.1-0ubuntu3_i386.deb

  2. Install them:

    bash

Moonshot GSS Mechanisms

Create a new file at /usr/etc/gss/mech (you will likely need to create the /usr/etc/gss directory) with the following content:

true

In the future we hope for this step to be done automatically on installing the software. For now, however, this is a manual step.

Install Moonshot

We’re now ready to install the Moonshot software and its required dependencies. Install the software by running the following command:

bash

 

Next Steps

Configure

the connection to

your Moonshot Libraries to connect to an RP Proxy

The Moonshot GSS-EAP mechanism on needs to connect to a local Moonshot RP Proxy (RADIUS server) via RADIUS or RadSec in order to create the first hop between the service and the user's home IdP to allow authentication to happen.

To do this, you must configure the connection in /etc/radsec.conf (you will likely need to create this file). This can be a RADIUS or a RadSec connection.

If you are unsure which to use, then RadSec is recommended as it is more flexible and more secure. It is slightly more complex to set up, however.

RadSec

If you choose to use a RadSec connection to your Moonshot RP Proxy, then place the following content into /etc/radsec.conf:

trueHere, $hostname is the hostname of your local Moonshot RP Proxy, $secret is the shared secret given to you by the Moonshot RP Proxy administrator, and $path_to_ca.pem $path_to_client.pem and $path_to_client.key are paths to the ca.pem, client.pem and client.key files that your Moonshot RP Proxy administrator has given you.

RADIUS

If you choose to use a plain RADIUS connection to your Moonshot RP Proxy, then place the following content into /etc/radsec.conf:

trueHere, $hostname is the hostname of your local Moonshot RP Proxy, and $secret is the shared secret that your Moonshot RP Proxy administrator has given you.

Next Steps

You now have all of the necessary Moonshot GSS-EAP libraries and configuration for the application/service on your machine to use Moonshot. The next step is to . See the page for instructions on how to do this.

Configure your Application/Service to use Moonshot

Finally, you may have to .