Skip to main content

The steps needed to install the open source version of the WiKID 2 Factor Authentication System .debs on Ubuntu


  • Postgresql, iptables, java - all will be installed (see note below if you are using postgres 9.3 on Ubuntu 14.04
  • 12+ gigs of hard drive space.
  • 1 gig of RAM
  • 2 Ethernet connections
  • Moderate CPU required
  • Please make sure JRE_HOME is set correctly.

Doing the work

Download and install the deb. You will see some errors from this command. Don't worry.
sudo dpkg -i wikid-server-xxx.deb

sudo dpkg -i wikid-utilities_x,x,x,x.deb
Install dependencies:
sudo apt-get -f install
sudo apt-get install postgresql postgresql-common openjdk-8-jdk openjdk-8-jre openssl libwww-perl sudo locate mlocate ntpdate


NB:  If you see any errors like "/usr/lib/jvm/jre/bin/java: not found' just create a symlink in /usr/lib/jvm/ pointing to your jre directory.

Set up the WiKID server. The WiKID token clients communicate with the WiKID via port 80 (https is not needed because the PINs and OTPs are asymmetrically encrypted, so you will need a routable IP address. If you are just testing, then just make sure that the PC running the client can get to the server.
sudo /opt/WiKID/bin/wikidctl setup
Once setup, start the server
sudo /opt/WiKID/bin/wikidctl start
Go to https:///WiKIDAdmin/ to complete the set up. From here, you can follow the standard documentation. If you like short docs, I recommend the Quickstart Cheatsheet:

Note: For postgresql 9.3 which comes with Ubuntu 14.04, you will need to edit /etc/postgresql/9.3/main/pg_hba.conf to allow local connections without a password. Change the md5 to trust on the two localhost lines:

# IPv4 local connections:
host all all trust
# IPv6 local connections:
host all all ::1/128 trust

NB: You may see some odd errors from postgres and iptables. It is safe to ignore these errors, assuming you are able to get to the WiKIDAdmin web interface and configure the server.

More Information

You may need to install the JCE Unlimited Strength Jurisdiction Policy Files to avoid the "Illegal Key Size error".

The WiKID token clients require port 80. You can use NAT, but it needs to be routable for the token clients. The following services may only need internal access based on your needs:

  • The WiKIDAdmin uses 443.
  • wAuth uses 8388
  • LDAP uses 10389
  • TACACS+ uses 49

NB:  You may want to install the JDK via the PPA:

deb trusty main
deb-src trusty main




Copyright © WiKID Systems, Inc. 2017 | Two-factor Authentication