1 [[!meta title="VM images"]]
4 There is a Moonshot test VM image that contains a complete development
5 environment for Moonshot. In particular it contains:
8 * Sources for moonshot, Shibboleth, libradsec and the like
9 * All dependencies mentioned [[here|building]]
10 * A build of the [MIT Kerberos](http://web.mit.edu/kerberos/) gss-sample applications
11 * Includes patches from the moonshot-mechglue branch for gss_userok support
12 * A configured freeradius server
13 * Generates SAML assertions on authentication
14 * Exposes user name for legacy GSS applications
20 The Image should work with:
26 ## Configuration of the VM
28 The VM is distributed as a disk image.
29 You will need to create a virtual machine in your VM software of choice. Unless you're using Xen in paravirtualized mode, you will need to attach a first serial port to the virtual machine. This serial port may be disabled. The image requires at least 512m of memory.
31 If the image has no eth0 but has an eth1, do the following and reboot.
33 $ sudo rm /etc/udev/rules.d/70-persistent-net.rules
38 * An ioapic to be enabled
42 Consoles are available on hvc0 (virt_ops console for xen), ttyS0 (serial console) and on the monitor and keyboard.
46 There is one account; user moonshot with password moonshot.
50 * cd krb5-1.9/src/appl/gss-sample
51 * ./gss-server host@moonshot-test.project-moonshot.org &
52 * ./gss-client -mech "{1 3 6 1 4 1 5322 22 1 18}"
53 -user steve@local -pass testing 127.0.0.1 host@localhost bar
54 For a perhaps more interesting test try: <code>ssh moonshot@127.0.0.1</code>
58 Note that this VM image is not appropriate for an open network. In particular:
60 * There is a well known ssh host key compiled into the image; this is done because it makes it easier for your to test Moonshot ssh, but is not appropriate for a secure system
61 * There are well-known passwords
62 * The test account steve@local is permitted to log into the moonshot account with a trivial password
63 * A known Kerberos key could potentially be used for ssh access
65 This is about exploring software not about secure deployments.
69 Sources to the GPL items included in the image can be found in Debian
70 squeeze's source repository. One way to get these sources is to
72 [DVD](http://moonshot-image.s3.amazonaws.com/debian-6.0.0-source-DVD-1.iso)
75 [moonshot-test-20110404.vmdk](http://moonshot-image.s3.amazonaws.com/moonshot-test-20110404.vmdk)
79 * Copy the dictionary.ukerna file from mech_eap to /usr/share/freeradius, and include this file within /usr/share/freeradius/dictionary.