On this page you will find instructions on how to install the Moonshot libraries on a RHEL, CentOS, or Scientific Linux system, in order to enable applications/services on that system to perform Moonshot-based authentication.

Contents


This guide assumes you have a RHEL, CentOS, or Scientific Linux system (a minimal install will do) and that you have a Moonshot RP Proxy available to connect to.


System Preparation

Network configuration

For production deployments, it is recommended that the machine be assigned a static IP address.

For CentOS networking information please refer to the official Red Hat guide:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/part-networking


https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/networking_guide/index


Firewall configuration

The following ports are required to be accessible to the outside world in the local firewall:

  • 2083/tcp (for RadSec connections to other Moonshot entities, including the RP proxy).


Install Moonshot

We are now ready to install the Moonshot software and its required dependencies. Install the software by running the following command:

yum install moonshot

Next Steps

Configure your Moonshot Libraries to connect to an RP Proxy

The Moonshot GSS-EAP mechanism needs to connect to a local Moonshot RP Proxy (RADIUS server) via RADIUS or RadSec in order to create the first hop between the service and the user's home IdP to allow authentication to happen. See the Configure a Linux Server to Connect to an RP Proxy page for instructions on how to do this.

Configure your Application/Service to use Moonshot

Finally, you may have to install/configure that application/service as necessary.