configuringdebian.mdwn

   1 Clean installation of Debian 6.
   2
   3     echo "deb http://repository.project-moonshot.org/debian-moonshot sid main" > /etc/apt/sources.list.d/moonshot.list
   4     echo "deb http://ftp.cz.debian.org/debian testing main contrib non-free" > /etc/apt/sources.list.d/testing
   5
   6     wget -O - http://repository.project-moonshot.org/key.gpg | apt-key add -
   7
   8     cat >/etc/apt/preferences <<EOF
   9     Package: libstdc++6
  10     Pin: version 4.6*
  11     Pin-Priority: 900
  12
  13     Package: *
  14     Pin: release o=moonshot
  15     Pin-Priority: 750
  16
  17     Package: *
  18     Pin: release n=squeeze
  19     Pin-Priority: 700
  20
  21     Package: *
  22     Pin: release a=testing
  23     Pin-Priority: 650
  24     EOF
  25
  26
  27     apt-get install -t testing libkrb5-3 krb5-user krb5-gss-samples
  28     apt-get install moonshot-gss-eap freeradius-common
  29     apt-get install libapache2-mod-shib2
  30
  31     # not necessary(?):
  32     #ktutil
  33     #    addent -password -p host/localhost@EXAMPLE.ORG -k 1 -e aes256-cts
  34     #    wkt /etc/krb5.keytab
  35     #    quit
  36
  37
  38     cat >/etc/radsec.conf <<EOF
  39     dictionary = "/etc/freeradius/dictionary"
  40
  41     realm gss-eap {
  42         type = "UDP"
  43         timeout = 5
  44         retries = 3
  45         server {
  46             hostname = "147.251.54.62"
  47             service = "1812"
  48             secret = "PASS"
  49         }
  50     }
  51     EOF
  52     chmod 600 /etc/radsec.conf
  53
  54
  55     mkdir -p /usr/etc/gss/
  56     cat >/usr/etc/gss/mech <<EOF
  57     eap-aes128      1.3.6.1.4.1.5322.22.1.17    mech_eap.so
  58     eap-aes256      1.3.6.1.4.1.5322.22.1.18    mech_eap.so
  59     EOF