- The Moonshot Identity Manager (Moonshot.app) is currently not signed with Apple production certificates. This is by design to allow the application to operate outside the macOS sandbox.
1. System Preparation
1.1. Get the macOS Client
Download the macOS client here:
2. Install the macOS Client
Once you have the macOS client, installation is simply a matter of opening the downloaded DMG archive, and double-clicking the installer to launch it.
You will be launched into the install wizard for the Moonshot macOS Client:
Before the macOS Client installation proceeds, you will be warned that the software requires a reboot before it is functional.
If necessary, you will be prompted to enter a password for a user that has privileges to install software on this computer. It may be your own username.
3. Identity Selection
Users will use the Moonshot Identity Manager to select identities when prompted.
You can also read the Moonshot Identity Manager guide.
4. Next Steps
You now have all of the necessary Moonshot GSS-EAP libraries and configuration for the application/service on your machine to use Moonshot. The next step is to install/configure that application/service as necessary.
Newer versions of macOS feature the so-called App Sandbox, which Apple uses to try to make macOS more secure against system breaches. The side effect is that all Unix applications resident in
/usr/bin, notably OpenSSH Client and curl, will not load the Moonshot GSS-EAP mechanism when resident there. To 'derestrict' the application, use the
sudo command to copy the application from
/usr/local/bin (and creating that directory where necessary), and adjusting the
/etc/paths file to load applications from