Requirements
- PostgreSQL, iptables, Java - all will be installed
- 12+ gigs of hard drive space.
- 1 gig of RAM
- 2 Ethernet connections
- Moderate CPU required
Doing the work
- Download and install the deb. You will see some errors from this command. Don't worry.
sudo dpkg -i wikid-server-xxx.deb
sudo dpkg -i wikid-utilities_x,x,x,x.deb
- Install dependencies:
sudo apt-get -f install
- Or:
sudo apt-get install postgresql openjdk-6-jdk openjdk-6-jre openssl libwww-perl sudo locate ntpdate
- Set up the WiKID server. The WiKID token clients communicate with the WiKID server via port 80 (HTTPS is not needed because the PINs and OTPs are asymmetrically encrypted), so you will need a routable IP address. If you are just testing, make sure that the PC running the client can reach the server.
sudo /opt/WiKID/bin/wikidctl setup
The script will pick up your existing network settings, walk you through them and create an SSL cert for the WiKIDAdmin web UI. This cert is not the same as the Intermediate CA created later.
- Once set up, start the server:
/opt/WiKID/bin/wikidctl start
- Go to https:///WiKIDAdmin/ to complete the setup. From here, you can follow the standard documentation. If you like short docs, I recommend the Quickstart Cheatsheet:
NB: You may see some odd errors from postgres and iptables. It is safe to ignore these errors, assuming you are able to get to the WiKIDAdmin web interface and configure the server.
More Information
You may need to install the JCE Unlimited Strength Jurisdiction Policy Files to avoid the "Illegal Key Size error".
The WiKID token clients require port 80. You can use NAT, but it needs to be routable for the token clients. The following services may only need internal access based on your needs:
- The WiKIDAdmin uses 443.
- wAuth uses 8388
- LDAP uses 10389
- TACACS+ uses 49
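The port exposure listed above expressed as host firewall rules, as an added example that is not part of the original guide or WiKID's own tooling. The chain name WIKID-IN and the 10.0.0.0/8 internal range are assumptions, and all five services are assumed to listen on TCP.

```shell
#!/bin/sh
# Added example: print iptables-restore rules for the WiKID ports named above.
# Port 80 stays open to everyone (token clients); the other services are
# accepted only from an internal range and dropped otherwise.
# Assumptions: chain name WIKID-IN, TCP for every service, caller-supplied CIDR.

PUBLIC_TCP="80"                    # token clients
INTERNAL_TCP="443 8388 10389 49"   # WiKIDAdmin, wAuth, LDAP, TACACS+

# wikid_rules <internal-cidr>
# Writes a *filter table fragment to stdout. Returns 2 on a malformed argument.
wikid_rules() {
    net="$1"
    case "$net" in
        */*) ;;   # require an explicit prefix length, e.g. 10.0.0.0/8
        *) echo "usage: wikid_rules <internal-cidr>" >&2; return 2 ;;
    esac
    echo "*filter"
    echo ":WIKID-IN - [0:0]"
    for p in $PUBLIC_TCP; do
        echo "-A WIKID-IN -p tcp --dport $p -j ACCEPT"
    done
    for p in $INTERNAL_TCP; do
        # Accept from the internal range first, then drop everything else.
        echo "-A WIKID-IN -p tcp --dport $p -s $net -j ACCEPT"
        echo "-A WIKID-IN -p tcp --dport $p -j DROP"
    done
    echo "-A WIKID-IN -j RETURN"
    echo "COMMIT"
}

# When called with an argument, print the rules for review, for example:
#   sh wikid-fw.sh 10.0.0.0/8 > wikid.rules
#   sudo iptables-restore --noflush < wikid.rules
#   sudo iptables -I INPUT -j WIKID-IN    # hook the chain once
if [ -n "${1:-}" ]; then
    wikid_rules "$1"
fi
```

Drop any port from `INTERNAL_TCP` that you do need to reach from outside, and review the output against the rules already on the host before loading it.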
Disclaimer
You may run into problems. If you do, come to #wikid on irc.freenode.net.