(no commit message)

[devwiki.git] / ConfiguringRHEL.mdwn

diff --git a/ConfiguringRHEL.mdwn b/ConfiguringRHEL.mdwn
index cb9d673..94be5b9 100644 (file)
--- a/ConfiguringRHEL.mdwn
+++ b/ConfiguringRHEL.mdwn
@@ -86,12 +86,17 @@ A legacy attribute required for SSH at this time is the user name returned by th
 Finally, set the EAP type in use by moonshot (EAP-TTLS) by editing _/etc/raddb/eap.conf_ 
 
     default_eap_type = md5
+
+becomes:
+
+    default_eap_type = ttls
+
+Other EAP types should be supported (PEAP and MD5 tested).
  
 FreeRADIUS now has a very minimal IdP/ORPS configuration, and can be started with:
 
     service radiusd restart
 
-
 If you encounter any issues, you can run radius in debug mode to see what is going on internally.
 
     service radiusd stop
@@ -122,7 +127,8 @@ Ultimately, the final values depend on the deployment – probably the address,
 ###gss_eap_id
 
 Next, a file is created in the home directory at _~/.gss\_eap\_id_ – this is the file that moonshot looks in for credentials.
-The format is very simple – username followed by a password.  For now, set it to:
+The format is very simple – username followed by a password on separate lines.  For now, set it to:
+
     steve
     testing
 
@@ -176,11 +182,12 @@ To start the _gss-server_, run:
     /opt/moonshot/sbin/gss-server host@localhost &
 
 There are two ways to start _gss-client_ – the first specifies an encryption method to use by its OID 1.3.6.1.4.1.5322.22.1.18 (as seen in /etc/gss/mech):
-    /opt/moonshot/bin/gss-client -mech "{1 3 6 1 4 1 5322 22 1 18}" 127.0.0.1 host@localhost bar
 
+    /opt/moonshot/bin/gss-client -mech "{1 3 6 1 4 1 5322 22 1 18}" 127.0.0.1 host@localhost bar
 
 The second uses __Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO)__<br />
 This chooses the "best" mutually-agreeable encryption method for between client and server.  To invoke the client using __SPNEGO__, use:
+
     /opt/moonshot/bin/gss-client -spnego 127.0.0.1 host@localhost bar
 
 ##Sample Output