-<h2>BUILDING/INSTALLING A TRUST ROUTER:</h2>
+<h2>BUILDING/INSTALLING A TRUST ROUTER</h2>
(Assumes you already have a Moonshot DVD installed.)
To build and install a Trust Router, you need to separately 'make' and 'make install' in both the moonshot/trust_router and moonshot/freeradius-server directories, in that order.
-<h2>CONFIGURING A TRUST ROUTER:</h2>
+<h2>CONFIGURING A TRUST ROUTER</h2>
In addition to having a valid freeradius TLS/PSK configuration, a set of Trust Router and TID-specific configuration is required in order to use the Trust Router.
trust_router = "10.0.2.15"<br/>
}
-<h2>BRINGING UP/VERIFYING A TRUST ROUTER:</h2>
+<h2>BRINGING UP/VERIFYING A TRUST ROUTER</h2>
To run all of the components needed to test the Trust Router, you will need to have at least two different nodes (or VMs) at different IP addresses.
Start the TID Server (on Node-2, as root):
-root@debian:/opt/moonshot/bin# ./tids 10.1.10.90 /var/tmp/keys
+root@debian:/opt/moonshot/bin# ./tids 10.1.10.90 gss_id /var/tmp/keys
+
+The gss_id is the GSS name that will be used by the trustrouter to connect to the TIDS. For example if trustrouter@apc.painless-security.com is provisioned as the identity, then enter trustrouter@apc.painless-security.com.
On the second virtual machine, you will run the freeradius RP AAA Proxy (with built-in TIDC), the Trust Router, the GSS Server and the GSS Client. For example: