tids takes gss_id

[devwiki.git] / trustrouterinfo.mdwn

diff --git a/trustrouterinfo.mdwn b/trustrouterinfo.mdwn
index c1a491d..0ddacc3 100644 (file)
--- a/trustrouterinfo.mdwn
+++ b/trustrouterinfo.mdwn
@@ -1,4 +1,4 @@
-<h2>BUILDING/INSTALLING A TRUST ROUTER:</h2>
+<h2>BUILDING/INSTALLING A TRUST ROUTER</h2>
 
 (Assumes you already have a Moonshot DVD installed.)
 
@@ -10,7 +10,7 @@ The Trust Router depends on MIT Kerberos, OpenSSL, jansson and SQLite Version 3.
 
 To build and install a Trust Router, you need to separately 'make' and 'make install' in both the moonshot/trust_router and moonshot/freeradius-server directories, in that order.
 
-<h2>CONFIGURING A TRUST ROUTER:</h2>
+<h2>CONFIGURING A TRUST ROUTER</h2>
 
 In addition to having a valid freeradius TLS/PSK configuration, a set of Trust Router and TID-specific configuration is required in order to use the Trust Router.
 
@@ -29,7 +29,7 @@ realm suffix {<br/>
         trust_router = "10.0.2.15"<br/>
 }
 
-<h2>BRINGING UP/VERIFYING A TRUST ROUTER:</h2>
+<h2>BRINGING UP/VERIFYING A TRUST ROUTER</h2>
 
 To run all of the components needed to test the Trust Router, you will need to have at least two different nodes (or VMs) at different IP addresses.
 
@@ -56,7 +56,9 @@ root@debian:/opt/moonshot/sbin# ./radiusd -fxx -l stdout
 
 Start the TID Server (on Node-2, as root):
 
-root@debian:/opt/moonshot/bin# ./tids 10.1.10.90 /var/tmp/keys
+root@debian:/opt/moonshot/bin# ./tids 10.1.10.90 gss_id /var/tmp/keys
+
+The gss_id is the GSS name that will be used by the trustrouter to connect to the TIDS.  For example if trustrouter@apc.painless-security.com is provisioned as the identity, then enter trustrouter@apc.painless-security.com.
 
 On the second virtual machine, you will run the freeradius RP AAA Proxy (with built-in TIDC), the Trust Router, the GSS Server and the GSS Client.  For example: