bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
1 |
# Default settings for all clients. These values are the default |
2 |
# values, so uncomment and change them if you want different ones. |
|
|
25
by Teddy Hogeborn
* mandos-clients.conf ([DEFAULT]): New section. |
3 |
[DEFAULT] |
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
4 |
|
5 |
# How long until a client is considered invalid - that is, ineligible |
|
6 |
# to get the data this server holds. |
|
7 |
;timeout = 1h |
|
8 |
||
9 |
# How often to run the checker to confirm that a client is still up. |
|
10 |
# Note: a new checker will not be started if an old one is still |
|
11 |
# running. The server will wait for a checker to complete until the |
|
|
93
by Teddy Hogeborn
* mandos (string_to_delta): Accept a whitespace-separated sequence of |
12 |
# above "timeout" occurs, at which time the client will be marked |
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
13 |
# invalid, and any running checker killed. |
14 |
;interval = 5m |
|
15 |
||
16 |
# What command to run as "the checker". |
|
|
237.2.20
by Teddy Hogeborn
Change the default value of the "checker" option command to make the |
17 |
;checker = fping -q -- %%(host)s |
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
18 |
|
19 |
||
20 |
;#### |
|
|
63
by Teddy Hogeborn
Merge. |
21 |
;# Example client |
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
22 |
;[foo] |
23 |
;
|
|
|
63
by Teddy Hogeborn
Merge. |
24 |
;# OpenPGP key fingerprint |
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
25 |
;fingerprint = 7788 2722 5BA7 DE53 9C5A 7CFA 59CF F7CD BD9A 5920 |
26 |
;
|
|
27 |
;# This is base64-encoded binary data. It will be decoded and sent to |
|
28 |
;# the client matching the above fingerprint. This should, of course, |
|
29 |
;# be OpenPGP encrypted data, decryptable only by the client. |
|
30 |
;secret = |
|
31 |
; hQIOA6QdEjBs2L/HEAf/TCyrDe5Xnm9esa+Pb/vWF9CUqfn4srzVgSu234 |
|
32 |
; REJMVv7lBSrPE2132Lmd2gqF1HeLKDJRSVxJpt6xoWOChGHg+TMyXDxK+N |
|
33 |
; Xl89vGvdU1XfhKkVm9MDLOgT5ECDPysDGHFPDhqHOSu3Kaw2DWMV/iH9vz |
|
34 |
; 3Z20erVNbdcvyBnuojcoWO/6yfB5EQO0BXp7kcyy00USA3CjD5FGZdoQGI |
|
35 |
; Tb8A/ar0tVA5crSQmaSotm6KmNLhrFnZ5BxX+TiE+eTUTqSloWRY6VAvqW |
|
36 |
; QHC7OASxK5E6RXPBuFH5IohUA2Qbk5AHt99pYvsIPX88j2rWauOokoiKZo |
|
37 |
; t/9leJ8VxO5l3wf/U64IH8bkPIoWmWZfd/nqh4uwGNbCgKMyT+AnvH7kMJ |
|
38 |
; 3i7DivfWl2mKLV0PyPHUNva0VQxX6yYjcOhj1R6fCr/at8/NSLe2OhLchz |
|
39 |
; dC+Ls9h+kvJXgF8Sisv+Wk/1RadPLFmraRlqvJwt6Ww21LpiXqXHV2mIgq |
|
40 |
; WnR98YgSvUi3TJHrUQiNc9YyBzuRo0AjgG2C9qiE3FM+Y28+iQ/sR3+bFs |
|
41 |
; zYuZKVTObqiIslwXu7imO0cvvFRgJF/6u3HNFQ4LUTGhiM3FQmC6NNlF3/ |
|
42 |
; vJM2hwRDMcJqDd54Twx90Wh+tYz0z7QMsK4ANXWHHWHR0JchnLWmenzbtW |
|
43 |
; 5MHdW9AYsNJZAQSOpirE4Xi31CSlWAi9KV+cUCmWF5zOFy1x23P6PjdaRm |
|
44 |
; 4T2zw4dxS5NswXWU0sVEXxjs6PYxuIiCTL7vdpx8QjBkrPWDrAbcMyBr2O |
|
45 |
; QlnHIvPzEArRQLo= |
|
46 |
;
|
|
47 |
;# Host name; used only by the checker, not used by the server itself. |
|
48 |
;host = foo.example.org |
|
49 |
;#### |
|
50 |
||
51 |
;#### |
|
52 |
;# Another example client, named "bar". |
|
53 |
;[bar] |
|
54 |
;# The fingerprint is not space or case sensitive |
|
55 |
;fingerprint = 3e393aeaefb84c7e89e2f547b3a107558fca3a27 |
|
56 |
;
|
|
57 |
;# If "secret" is not specified, a file can be read for the data. |
|
|
202
by Teddy Hogeborn
* clients.conf ([bar]/secfile): Do not imply armored format. |
58 |
;secfile = /etc/mandos/bar-secret.bin |
|
51
by Teddy Hogeborn
* clients.conf: Better comments. |
59 |
;
|
60 |
;# An IP address for host is also fine, if the checker accepts it. |
|
61 |
;host = 192.0.2.3 |
|
62 |
;
|
|
63 |
;# Parameters from the [DEFAULT] section can be overridden per client. |
|
64 |
;interval = 5m |
|
65 |
;#### |