| *** nowen (~nowen@adsl-66-165-228.asm.bellsouth.net) has joined #wikid | 12:09 | |
| *** davetoffee (57c2d5e3@gateway/web/freenode/ip.87.194.213.227) has joined #wikid | 16:43 | |
| *** davetoffee has parted #wikid (None) | 16:46 | |
| *** Ivan__ (a7e6685e@gateway/web/freenode/ip.167.230.104.94) has joined #wikid | 17:01 | |
| *** Ivan__ has quit (Client Quit) | 17:02 | |
| *** scranley (d839cdfa@gateway/web/freenode/ip.216.57.205.250) has joined #wikid | 17:56 | |
| scranley | I have a question about radius on wikid, anyone there? | 17:57 |
|---|---|---|
| scranley | Even though I enable radius in the protocols, the server isn't listening on port 1812 | 17:59 |
| nowen | hey scranley | 17:59 |
| nowen | did you create a network client? | 17:59 |
| scranley | yes | 18:01 |
| scranley | Sec I'll check it | 18:01 |
| nowen | and ran wikidctl restart? | 18:01 |
| nowen | nothing showing on 'netstat -anp | grep 1812'? | 18:01 |
| scranley | tcp 0 0 ::ffff:192.168.123.215:443 ::ffff:192.168.123.15:51812 ESTABLISHED 4926/java | 18:03 |
| scranley | I ran wikidctl restart | 18:03 |
| scranley | the client is my freeradius server | 18:03 |
| nowen | hmm. that's not the radius listener. | 18:03 |
| scranley | it has a proxy that points to the wikid server | 18:03 |
| scranley | yeah the freeradius server says that my wikid server is a zombie | 18:03 |
| nowen | check again - sometimes it can take a while to start up | 18:04 |
| scranley | Do I have to install the certificate to make it work? | 18:04 |
| scranley | the localhost cert? | 18:04 |
| nowen | haha. yes | 18:04 |
| scranley | ah crap | 18:04 |
| nowen | radius talks to the server via the localhost cert | 18:04 |
| scranley | Do I have to install all of them? | 18:04 |
| nowen | it's just two | 18:05 |
| scranley | or just localhost cert? | 18:05 |
| nowen | you need the intermediate to create the localhost | 18:05 |
| scranley | ok | 18:05 |
| scranley | I don't remember this? Server Keystore Passphrase | 18:05 |
| scranley | can I reset it? | 18:05 |
| nowen | just create a new one | 18:05 |
| scranley | ok thanks | 18:06 |
| nowen | np | 18:06 |
| scranley | sorry how do I create a new one? | 18:06 |
| nowen | the WiKIDAdmin gui, just go to the configuration tab and click on Create an Intermediate CA | 18:07 |
| scranley | ok | 18:07 |
| scranley | It just sits there with a blank white screen in the browser | 18:08 |
| scranley | like it can't reach something. | 18:08 |
| scranley | crap nevermind | 18:08 |
| *** mattdm (~mattdm@ubik.seas.harvard.edu) has joined #wikid | 18:13 | |
| mattdm | So, I'm going through configuring the vmware image, and hit a snag..... | 18:14 |
| nowen | ok | 18:14 |
| scranley | Hm, yeah it just sits there with a blank screen in the browser, I configured routing and it can reach the internet | 18:14 |
| nowen | what? | 18:14 |
| nowen | what browser is this? | 18:14 |
| nowen | IE may have an issue with the self-signed cert. | 18:15 |
| mattdm | I've got the server up and running, and I am going through the instructions for creating an intermediate CA; when I go to the configuration page and hit "create an intermediate ca", I get a blank-ish screen. I say "blank-ish" because the header and home|users|groups|domains|etc menu is still there. | 18:17 |
| nowen | hmm | 18:17 |
| nowen | check the WiKIDAdmin logs | 18:17 |
| nowen | linky in the top left | 18:17 |
| * mattdm looks.... | 18:18 | |
| mattdm | unknown host exception. | 18:18 |
| mattdm | hmmm. justasec..... | 18:18 |
| nowen | if you click on the little bomb icon the whole exception should pop up | 18:19 |
| scranley | It's firefox I'll try another | 18:19 |
| mattdm | yeah, got it. | 18:19 |
| mattdm | it's looking for the unqualified hostname. | 18:20 |
| mattdm | and because we don't control our own dhcp servers, we're stuck with a useless search path which does not include our subdomain. | 18:20 |
| mattdm | i put it in /etc/hosts and now we're good. | 18:20 |
| mattdm | thanks | 18:20 |
| nowen | you have this one dhcp? for testing, I presume? | 18:21 |
| mattdm | yes, for testing, but we actually use statically-provisioned dhcp for a lot of our server systems. | 18:21 |
| nowen | gotcha | 18:24 |
| nowen | mattdm: did you get the cert back ok? | 18:25 |
| mattdm | yeah, looks like it. | 18:25 |
| mattdm | thanks! | 18:25 |
| *** mattdm has quit (Quit: kthxbye) | 18:26 | |
| nowen | btw, I'm working on some youtube screencasts on installation and configuration: http://www.youtube.com/my_playlists?p=54667B478BB1F5CA feedback welcome | 18:28 |
| scranley | Ok I got it too, I had to fool the machine into having a FQDN | 18:38 |
| scranley | stupid question how to do I login, I have my passcode | 18:48 |
| nowen | login to the WiKIDAdmin? | 18:48 |
| nowen | or what? | 18:49 |
| scranley | sshd | 18:50 |
| scranley | ssh | 18:50 |
| scranley | with passcode + what? | 18:50 |
| scranley | or just passcode? | 18:50 |
| nowen | username and passcode | 18:50 |
| scranley | ok thanks | 18:51 |
| nowen | already configure pam radius? | 18:51 |
| scranley | yes | 18:56 |
| scranley | Access-Request by scranley Failed: AccessRejectException: Access Denied | 19:12 |
| scranley | in the wikid logs | 19:12 |
| scranley | that's all its doing | 19:12 |
| scranley | I've double checked all the shared secrets. | 19:21 |
| scranley | they look right, and I retyped them. | 19:21 |
| scranley | ok nevermind, I guess I had one shared secret wrong. | 19:22 |
| scranley | I just updated it | 19:22 |
| scranley | Thanks for all the help | 19:26 |
| scranley | cyas | 19:26 |
| *** scranley has quit (Quit: Page closed) | 19:26 | |
| *** nowen has parted #wikid (None) | 21:45 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!