Add libradsec configuration instructions.

author https://www.google.com/accounts/o8/id?id=AItOawlqnRMpYA3EDL2VcgbyxOxK1R8BsqzvaUo <Linus@web>

Sun, 13 Mar 2011 09:19:52 +0000 (05:19 -0400)

committer www-data <www-data@project-moonshot.org>

Sun, 13 Mar 2011 09:19:52 +0000 (05:19 -0400)
author https://www.google.com/accounts/o8/id?id=AItOawlqnRMpYA3EDL2VcgbyxOxK1R8BsqzvaUo <Linus@web>
Sun, 13 Mar 2011 09:19:52 +0000 (05:19 -0400)
committer www-data <www-data@project-moonshot.org>
Sun, 13 Mar 2011 09:19:52 +0000 (05:19 -0400)
diff --git a/prepare.mdwn b/prepare.mdwn

index ed728bb..db1ec73 100644 (file)
--- a/prepare.mdwn
+++ b/prepare.mdwn
@@ -34,9 +34,22 @@ Enter a password of your choice
  
  Then <code>chmod a+r /etc/krb5.keytab</code>. Note that would be a very bad thing to do if you actually were using Kerberos. It may still be a bad thing to do if you have services enabled that can potentially use Kerberos.
  
+# Configuring libradsec
+
+        cat > $prefix/etc/radsec.conf << EOF
+        config gss-eap {
+            type = "UDP"
+            server {
+                hostname = "127.0.0.1"
+                service = "1820"
+                secret = "$secret"
+            }
+        }
+        EOF
+
+$secret is the secret you share with the radius server, i.e. the "secret" entry in FreeRADIUS configuration "client" clause.
  
  
  Todo:
-* configure libradsec
  * Set up RADIUS
author	https://www.google.com/accounts/o8/id?id=AItOawlqnRMpYA3EDL2VcgbyxOxK1R8BsqzvaUo <Linus@web>
	Sun, 13 Mar 2011 09:19:52 +0000 (05:19 -0400)
committer	www-data <www-data@project-moonshot.org>
	Sun, 13 Mar 2011 09:19:52 +0000 (05:19 -0400)