configuringdebian.mdwn

   1 Clean installation of Debian 6.
   2
   3     echo "deb http://repository.project-moonshot.org/debian-moonshot sid main" > /etc/apt/sources.list.d/moonshot.list
   4     echo "deb http://ftp.cz.debian.org/debian testing main contrib non-free" > /etc/apt/sources.list.d/testing
   5
   6     wget -O - http://repository.project-moonshot.org/key.gpg | apt-key add -
   7
   8     cat >/etc/apt/preferences <<EOF
   9     Package: libstdc++6
  10     Pin: version 4.6*
  11     Pin-Priority: 900
  12
  13     Package: *
  14     Pin: release o=moonshot
  15     Pin-Priority: 750
  16
  17     Package: *
  18     Pin: release n=squeeze
  19     Pin-Priority: 700
  20
  21     Package: *
  22     Pin: release a=testing
  23     Pin-Priority: 650
  24     EOF
  25
  26
  27     apt-get install -t testing libkrb5-3 krb5-user krb5-gss-samples
  28     apt-get install moonshot-gss-eap freeradius-common
  29     apt-get install libapache2-mod-shib2
  30
  31     ktutil
  32         addent -password -p host/localhost@EXAMPLE.ORG -k 1 -e aes256-cts
  33         wkt /etc/krb5.keytab
  34         quit
  35
  36
  37     cat >/etc/radsec.conf <<EOF
  38     dictionary = "/etc/freeradius/dictionary"
  39
  40     realm gss-eap {
  41         type = "UDP"
  42         timeout = 5
  43         retries = 3
  44         server {
  45             hostname = "147.251.54.62"
  46             service = "1812"
  47             secret = "PASS"
  48         }
  49     }
  50     EOF
  51     chmod 600 /etc/radsec.conf
  52
  53
  54     mkdir -p /usr/etc/gss/
  55     cat >/usr/etc/gss/mech <<EOF
  56     eap-aes128      1.3.6.1.4.1.5322.22.1.17    mech_eap.so
  57     eap-aes256      1.3.6.1.4.1.5322.22.1.18    mech_eap.so
  58     EOF