Install Moonshot Libraries on Debian 9

Owned by Alex Perez Mendez
Last updated: Feb 19, 2018 by Stefan Paetow
2 min read

On this page you will find instructions on how to install the Moonshot libraries on a Debian 9 "Stretch" based system, in order to enable applications/services on that system to perform Moonshot based authentication.

Contents

Assumptions and Prerequisites

This guide assumes you have an up-to-date Debian 9 based system (a minimal install will do) and that you have a Moonshot RP Proxy (this could be a Moonshot IdP) available to connect to.

Assumptions & Prerequisites

This guide assumes you have root access to the Linux device. This is required as new software needs to be installed system-wide.

Experimental

This guide is experimental, as the Debian 9 packages have not been moved to the official repository yet. Currently only AMD64 packages are available.

1. System Preparation

The Moonshot client mechanism and ID manager are part of the standard Debian 9 repository. However, if you prefer having the most updated packages, use the following procedure.

1.1. Get the Debian 9 packages

  1. Go to https://jisc365-my.sharepoint.com/:f:/g/personal/alex_perez-mendez_jisc_ac_uk/Eirerz1CGgFKpU8eHYC-1qoBPIMTvo8GgWpo-KY7szMWcQ and get the following files:

    1. libevent-openssl-2.0-5_2.0.21-stable-3_amd64_libssl1.0.deb

    2. moonshot-gss-eap_1.0.1-3_amd64.deb

    3. libmoonshot1_1.0.6-2_amd64.deb

libevent issue

All the Moonshot packages are currently built using libssl1.0. However, in Debian 9 libevent-openssl is built using libssl1.1. This difference makes that Moonshot fails randomly. Hence, we provide a version of libevent-openssl built with libssl1.0 to replace the original one.

2. Install the Moonshot Client libraries

We’re now ready to install the Moonshot software and its required dependencies. Install the software by running the following commands:

  1. Install the packages; dpkg will complain about missing dependencies, but this is expected:

    $ dpkg -i libevent-openssl-2.0-5_2.0.21-stable-3_amd64_libssl1.0.deb  moonshot-gss-eap_1.0.1-3_amd64.deb libmoonshot1_1.0.6-2_amd64.deb

  2. Finalise the installation of the packages and the dependencies:

    $ apt-get install -f

3. Next Steps

3.1. Configure your Moonshot Libraries to connect to an RP Proxy

The Moonshot GSS-EAP mechanism needs to connect to a local Moonshot RP Proxy (RADIUS server) via RADIUS or RadSec in order to create the first hop between the service and the user's home IdP to allow authentication to happen. See the Configure a Linux Server to Connect to an RP Proxy page for instructions on how to do this.

3.2. Configure your Application/Service to use Moonshot

Finally, you may have to install/configure that application/service as necessary.