The Moonshot SSP is our implementation of a Windows Security Support Provider - see the Microsoft Dev Center section on the SSPI for more information - that allows many Microsoft Windows applications to make use of Moonshot for authentication with few, or no, modifications.

The Moonshot SSP is distributed as an MSI file - there is a 32 and a 64 bit version.

Contents

Current Version

The current latest version of the Moonshot SSP is v1.1.135

Compatibility

The Moonshot SSP typically works on Windows 7 onwards on the desktop end, and Windows Server 2008 onwards on the server end. See the Windows (Moonshot SSP) Compatibility List for full details.

Known Issues

Please check the Windows (Moonshot SSP) Compatibility List for details on supported versions of Windows - installing the SSP on an unsupported version of Windows may irrecoverably break your machine!
Anyone using v1.0.84 or earlier should upgrade to v1.0.85 or later - this version contains fixes to the Heartbleed bug.
This version requires Microsoft security update KB2949927 to be installed. This update is usually installed for you by Windows Update.

1. System Preparation

1.1. Install the required dependencies

The Moonshot SSP requires Microsoft .NET Framework 4.0. You can download the web installer for it at http://www.microsoft.com/en-gb/download/details.aspx?id=17851, which will download the latest versions of the required components.

1.2. Get the SSP

For now, distribution of the Moonshot SSP is being controlled whilst it is being actively developed. Access will be given to those who are a part of the Janet or GÉANT Moonshot pilots, but also potentially others if you can demonstrate a link to the research and education sector.

To get access, email Rhys Smith or Stefan Paetow, who will give you details on how to get hold of the SSP.

2. Install the SSP

Once you have the SSP, installation is simply a matter of execute the MSI as a user with Administrator privileges by double clicking on it.

Screenshot of SSP Installer - Welcome Page

If you are happy to accept the licence conditions, tick the box and click next. In the install options dialogue that appears, ensure the SSP is set to be installed. Core services such as CIFS will also require the Kernel SSP to be installed. You can also change the install location at this point; the default is C:\Program Files\Moonshot.

Screenshot of SSP Installer - Custom Setup

You are now ready to install the Moonshot SSP, so hit Install!

Screenshot of SSP Installer - Ready to Install

Once the SSP has been installed, you are requested to restart Windows.

Screenshot of SSP Installer - Restart the System

Since we are installing kernel level drivers, you really do need to restart the system for Moonshot to work.

3. Configuration options

There is very little to configure on a Windows client device. See Configure the Moonshot SSP to get an overview of all of the options available, but the "Use Domain Login Credentials" is pretty much the only option of any significance to a Windows client.

4. Identity Selection Options

Users will need a way of selecting an identity to use. Currently the only option on Windows is to use the built-in Windows Credential Manager.

5. Next Steps

You now have all of the necessary Moonshot GSS-EAP libraries and configuration for the application/service on your machine to use Moonshot. The next step is to install/configure that application/service as necessary.