Skip to main content

Instructions for setting up the WiKID Strong Authentication server using our EC2 AMI.

Find our public AMI in the Marketplace by searching for ami-15fc7302 for the Enterprise Version.  Click Launch. Depending on the number of users, you can get away with a Micro instance. For 200 users or more or if you plan on using replication, 2 gigs of memory is required. For storage, we recommend at least 40 gigs.

For your security group, you will need port 80 open to the internet for the token clients (we use asymmetric encryption so no SSL is needed). All the other ports you will most likely want open only to your network, either via a VPN or an Amazon VPC. The WiKIDAdmin web UI uses 443. RADIUS uses 1812 UDP. Note that RADIUS traffic is not encrypted and should never pass over the open Internet.

Login to the instance as the user centos. 

Once logged in, run 'sudo su -'.  You will be prompted to set your time zone and change the root password. 

Next run 'wikidctl setup'.  You will be asked to confirm the network settiings.  For EC2, you should skip this step.  A self-signed cert will be created and you will be asked if you want to setup replication.  Choose No. 

Next, a password for the login to the WiKIDAdmin web UI will be dynamically created and presented.  Write this down!  If you forget the password you can reset it using this command:

/opt/WiKID/sbin/update_wikidadmin_passwd.sh -f

 Once your instance is launched, you can follow any of the configuration guides.

NB: We used the Centos AMI as a basis for this. You should perform your own analysis of the security of this AMI including these recommendations from Amazon.

 


 

Copyright © WiKID Systems, Inc. 2017 | Two-factor Authentication