
Viewing changes to mandos.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-08-25 09:09:15 UTC
  • mfrom: (24.1.71 mandos)
  • Revision ID: teddy@fukt.bsnet.se-20080825090915-dxlxgb4pw1kqsui5
Merge.

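--- a/mandos.xml
+++ b/mandos.xml
@@ -1,19 +1,16 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY VERSION "1.0">
 <!ENTITY COMMANDNAME "mandos">
-<!ENTITY TIMESTAMP "2008-10-03">
-<!ENTITY % common SYSTEM "common.ent">
-%common;
 ]>
 
 <refentry xmlns:xi="http://www.w3.org/2001/XInclude">
-   <refentryinfo>
-    <title>Mandos Manual</title>
+  <refentryinfo>
+    <title>&COMMANDNAME;</title>
     <!-- NWalsh’s docbook scripts use this to generate the footer: -->
-    <productname>Mandos</productname>
-    <productnumber>&version;</productnumber>
-    <date>&TIMESTAMP;</date>
+    <productname>&COMMANDNAME;</productname>
+    <productnumber>&VERSION;</productnumber>
     <authorgroup>
       <author>
         <firstname>Björn</firstname>
@@ -35,9 +32,31 @@
       <holder>Teddy Hogeborn</holder>
       <holder>Björn Påhlsson</holder>
     </copyright>
-    <xi:include href="legalnotice.xml"/>
+    <legalnotice>
+      <para>
+        This manual page is free software: you can redistribute it
+        and/or modify it under the terms of the GNU General Public
+        License as published by the Free Software Foundation,
+        either version 3 of the License, or (at your option) any
+        later version.
+      </para>
+
+      <para>
+        This manual page is distributed in the hope that it will
+        be useful, but WITHOUT ANY WARRANTY; without even the
+        implied warranty of MERCHANTABILITY or FITNESS FOR A
+        PARTICULAR PURPOSE.  See the GNU General Public License
+        for more details.
+      </para>
+
+      <para>
+        You should have received a copy of the GNU General Public
+        License along with this program; If not, see
+        <ulink url="http://www.gnu.org/licenses/"/>.
+      </para>
+    </legalnotice>
   </refentryinfo>
-  
+
   <refmeta>
     <refentrytitle>&COMMANDNAME;</refentrytitle>
     <manvolnum>8</manvolnum>
@@ -46,62 +65,48 @@
   <refnamediv>
     <refname><command>&COMMANDNAME;</command></refname>
     <refpurpose>
-      Gives encrypted passwords to authenticated Mandos clients
+      Sends encrypted passwords to authenticated Mandos clients
     </refpurpose>
   </refnamediv>
-  
+
   <refsynopsisdiv>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
-      <group>
-        <arg choice="plain"><option>--interface
-        <replaceable>NAME</replaceable></option></arg>
-        <arg choice="plain"><option>-i
-        <replaceable>NAME</replaceable></option></arg>
-      </group>
-      <sbr/>
-      <group>
-        <arg choice="plain"><option>--address
-        <replaceable>ADDRESS</replaceable></option></arg>
-        <arg choice="plain"><option>-a
-        <replaceable>ADDRESS</replaceable></option></arg>
-      </group>
-      <sbr/>
-      <group>
-        <arg choice="plain"><option>--port
-        <replaceable>PORT</replaceable></option></arg>
-        <arg choice="plain"><option>-p
-        <replaceable>PORT</replaceable></option></arg>
-      </group>
-      <sbr/>
-      <arg><option>--priority
-      <replaceable>PRIORITY</replaceable></option></arg>
-      <sbr/>
-      <arg><option>--servicename
-      <replaceable>NAME</replaceable></option></arg>
-      <sbr/>
-      <arg><option>--configdir
-      <replaceable>DIRECTORY</replaceable></option></arg>
-      <sbr/>
-      <arg><option>--debug</option></arg>
+      <arg>--interface<arg choice="plain">NAME</arg></arg>
+      <arg>--address<arg choice="plain">ADDRESS</arg></arg>
+      <arg>--port<arg choice="plain">PORT</arg></arg>
+      <arg>--priority<arg choice="plain">PRIORITY</arg></arg>
+      <arg>--servicename<arg choice="plain">NAME</arg></arg>
+      <arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>
+      <arg>--debug</arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>&COMMANDNAME;</command>
+      <arg>-i<arg choice="plain">NAME</arg></arg>
+      <arg>-a<arg choice="plain">ADDRESS</arg></arg>
+      <arg>-p<arg choice="plain">PORT</arg></arg>
+      <arg>--priority<arg choice="plain">PRIORITY</arg></arg>
+      <arg>--servicename<arg choice="plain">NAME</arg></arg>
+      <arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>
+      <arg>--debug</arg>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
       <group choice="req">
-        <arg choice="plain"><option>--help</option></arg>
-        <arg choice="plain"><option>-h</option></arg>
+        <arg choice="plain">-h</arg>
+        <arg choice="plain">--help</arg>
       </group>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
-      <arg choice="plain"><option>--version</option></arg>
+      <arg choice="plain">--version</arg>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
-      <arg choice="plain"><option>--check</option></arg>
+      <arg choice="plain">--check</arg>
     </cmdsynopsis>
   </refsynopsisdiv>
-  
+
   <refsect1 id="description">
     <title>DESCRIPTION</title>
     <para>
@@ -116,63 +121,60 @@
       Any authenticated client is then given the stored pre-encrypted
       password for that specific client.
     </para>
+
   </refsect1>
   
   <refsect1 id="purpose">
     <title>PURPOSE</title>
+
     <para>
       The purpose of this is to enable <emphasis>remote and unattended
       rebooting</emphasis> of client host computer with an
       <emphasis>encrypted root file system</emphasis>.  See <xref
       linkend="overview"/> for details.
     </para>
+
   </refsect1>
   
   <refsect1 id="options">
     <title>OPTIONS</title>
+
     <variablelist>
       <varlistentry>
-        <term><option>--help</option></term>
-        <term><option>-h</option></term>
+        <term><literal>-h</literal>, <literal>--help</literal></term>
         <listitem>
           <para>
             Show a help message and exit
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--interface</option>
-        <replaceable>NAME</replaceable></term>
-        <term><option>-i</option>
-        <replaceable>NAME</replaceable></term>
+        <term><literal>-i</literal>, <literal>--interface <replaceable
+        >NAME</replaceable></literal></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="interface"/>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--address
-        <replaceable>ADDRESS</replaceable></option></term>
-        <term><option>-a
-        <replaceable>ADDRESS</replaceable></option></term>
+        <term><literal>-a</literal>, <literal>--address <replaceable>
+        ADDRESS</replaceable></literal></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="address"/>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--port
-        <replaceable>PORT</replaceable></option></term>
-        <term><option>-p
-        <replaceable>PORT</replaceable></option></term>
+        <term><literal>-p</literal>, <literal>--port <replaceable>
+        PORT</replaceable></literal></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="port"/>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--check</option></term>
+        <term><literal>--check</literal></term>
         <listitem>
           <para>
             Run the server’s self-tests.  This includes any unit
@@ -180,34 +182,34 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--debug</option></term>
+        <term><literal>--debug</literal></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="debug"/>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--priority <replaceable>
-        PRIORITY</replaceable></option></term>
+        <term><literal>--priority <replaceable>
+        PRIORITY</replaceable></literal></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="priority"/>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--servicename
-        <replaceable>NAME</replaceable></option></term>
+        <term><literal>--servicename <replaceable>NAME</replaceable>
+        </literal></term>
         <listitem>
           <xi:include href="mandos-options.xml"
                       xpointer="servicename"/>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--configdir
-        <replaceable>DIRECTORY</replaceable></option></term>
+        <term><literal>--configdir <replaceable>DIR</replaceable>
+        </literal></term>
         <listitem>
           <para>
             Directory to search for configuration files.  Default is
@@ -219,9 +221,9 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
-        <term><option>--version</option></term>
+        <term><literal>--version</literal></term>
         <listitem>
           <para>
             Prints the program version and exit.
@@ -230,17 +232,17 @@
       </varlistentry>
     </variablelist>
   </refsect1>
-  
+
   <refsect1 id="overview">
     <title>OVERVIEW</title>
     <xi:include href="overview.xml"/>
     <para>
       This program is the server part.  It is a normal server program
       and will run in a normal system environment, not in an initial
-      <acronym>RAM</acronym> disk environment.
+      RAM disk environment.
     </para>
   </refsect1>
-  
+
   <refsect1 id="protocol">
     <title>NETWORK PROTOCOL</title>
     <para>
@@ -298,7 +300,7 @@
       </row>
     </tbody></tgroup></table>
   </refsect1>
-  
+
   <refsect1 id="checking">
     <title>CHECKING</title>
     <para>
@@ -312,7 +314,7 @@
       <manvolnum>5</manvolnum></citerefentry>.
     </para>
   </refsect1>
-  
+
   <refsect1 id="logging">
     <title>LOGGING</title>
     <para>
@@ -322,7 +324,7 @@
       and also show them on the console.
     </para>
   </refsect1>
-  
+
   <refsect1 id="exit_status">
     <title>EXIT STATUS</title>
     <para>
@@ -330,12 +332,12 @@
       critical error is encountered.
     </para>
   </refsect1>
-  
+
   <refsect1 id="environment">
     <title>ENVIRONMENT</title>
     <variablelist>
       <varlistentry>
-        <term><envar>PATH</envar></term>
+        <term><varname>PATH</varname></term>
         <listitem>
           <para>
             To start the configured checker (see <xref
@@ -350,8 +352,8 @@
       </varlistentry>
     </variablelist>
   </refsect1>
-  
-  <refsect1 id="files">
+
+  <refsect1 id="file">
     <title>FILES</title>
     <para>
       Use the <option>--configdir</option> option to change where
@@ -380,7 +382,7 @@
         </listitem>
       </varlistentry>
       <varlistentry>
-        <term><filename>/var/run/mandos.pid</filename></term>
+        <term><filename>/var/run/mandos/mandos.pid</filename></term>
         <listitem>
           <para>
             The file containing the process id of
@@ -421,7 +423,7 @@
       Currently, if a client is declared <quote>invalid</quote> due to
       having timed out, the server does not record this fact onto
       permanent storage.  This has some security implications, see
-      <xref linkend="clients"/>.
+      <xref linkend="CLIENTS"/>.
     </para>
     <para>
       There is currently no way of querying the server of the current
@@ -435,11 +437,7 @@
       Debug mode is conflated with running in the foreground.
     </para>
     <para>
-      The console log messages does not show a time stamp.
-    </para>
-    <para>
-      This server does not check the expire time of clients’ OpenPGP
-      keys.
+      The console log messages does not show a timestamp.
     </para>
   </refsect1>
   
@@ -450,7 +448,7 @@
         Normal invocation needs no options:
       </para>
       <para>
-        <userinput>&COMMANDNAME;</userinput>
+        <userinput>mandos</userinput>
       </para>
     </informalexample>
     <informalexample>
@@ -463,7 +461,7 @@
       <para>
 
 <!-- do not wrap this line -->
-<userinput>&COMMANDNAME; --debug --configdir ~/mandos --servicename Test</userinput>
+<userinput>mandos --debug --configdir ~/mandos --servicename Test</userinput>
 
       </para>
     </informalexample>
@@ -475,24 +473,24 @@
       <para>
 
 <!-- do not wrap this line -->
-<userinput>&COMMANDNAME; --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>
+<userinput>mandos --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>
 
       </para>
     </informalexample>
   </refsect1>
-  
+
   <refsect1 id="security">
     <title>SECURITY</title>
-    <refsect2 id="server">
+    <refsect2 id="SERVER">
       <title>SERVER</title>
       <para>
         Running this <command>&COMMANDNAME;</command> server program
         should not in itself present any security risk to the host
-        computer running it.  The program switches to a non-root user
-        soon after startup.
+        computer running it.  The program does not need any special
+        privileges to run, and is designed to run as a non-root user.
       </para>
     </refsect2>
-    <refsect2 id="clients">
+    <refsect2 id="CLIENTS">
       <title>CLIENTS</title>
       <para>
         The server only gives out its stored data to clients which
@@ -505,7 +503,7 @@
         <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
         <manvolnum>5</manvolnum></citerefentry>)
         <emphasis>must</emphasis> be made non-readable by anyone
-        except the user starting the server (usually root).
+        except the user running the server.
       </para>
       <para>
         As detailed in <xref linkend="checking"/>, the status of all
@@ -522,29 +520,29 @@
         restarting servers if it is suspected that a client has, in
         fact, been compromised by parties who may now be running a
         fake Mandos client with the keys from the non-encrypted
-        initial <acronym>RAM</acronym> image of the client host.  What
-        should be done in that case (if restarting the server program
-        really is necessary) is to stop the server program, edit the
+        initial RAM image of the client host.  What should be done in
+        that case (if restarting the server program really is
+        necessary) is to stop the server program, edit the
         configuration file to omit any suspect clients, and restart
         the server program.
       </para>
       <para>
         For more details on client-side security, see
-        <citerefentry><refentrytitle>mandos-client</refentrytitle>
+        <citerefentry><refentrytitle>password-request</refentrytitle>
         <manvolnum>8mandos</manvolnum></citerefentry>.
       </para>
     </refsect2>
   </refsect1>
-  
+
   <refsect1 id="see_also">
     <title>SEE ALSO</title>
     <para>
       <citerefentry>
+        <refentrytitle>mandos.conf</refentrytitle>
+        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
         <refentrytitle>mandos-clients.conf</refentrytitle>
         <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
-        <refentrytitle>mandos.conf</refentrytitle>
-        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
-        <refentrytitle>mandos-client</refentrytitle>
+        <refentrytitle>password-request</refentrytitle>
         <manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>
         <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
       </citerefentry>
@@ -574,8 +572,8 @@
       </varlistentry>
       <varlistentry>
         <term>
-          <ulink url="http://www.gnu.org/software/gnutls/"
-          >GnuTLS</ulink>
+          <ulink
+              url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>
         </term>
       <listitem>
         <para>
@@ -587,40 +585,23 @@
       </varlistentry>
       <varlistentry>
         <term>
-          RFC 4291: <citetitle>IP Version 6 Addressing
-          Architecture</citetitle>
+          <citation>RFC 4291: <citetitle>IP Version 6 Addressing
+          Architecture</citetitle>, section 2.5.6, Link-Local IPv6
+          Unicast Addresses</citation>
         </term>
         <listitem>
-          <variablelist>
-            <varlistentry>
-              <term>Section 2.2: <citetitle>Text Representation of
-              Addresses</citetitle></term>
-              <listitem><para/></listitem>
-            </varlistentry>
-            <varlistentry>
-              <term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6
-              Address</citetitle></term>
-              <listitem><para/></listitem>
-            </varlistentry>
-            <varlistentry>
-            <term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast
-            Addresses</citetitle></term>
-            <listitem>
-              <para>
-                The clients use IPv6 link-local addresses, which are
-                immediately usable since a link-local addresses is
-                automatically assigned to a network interfaces when it
-                is brought up.
-              </para>
-            </listitem>
-            </varlistentry>
-          </variablelist>
+          <para>
+            The clients use IPv6 link-local addresses, which are
+            immediately usable since a link-local addresses is
+            automatically assigned to a network interfaces when it is
+            brought up.
+          </para>
         </listitem>
       </varlistentry>
       <varlistentry>
         <term>
-          RFC 4346: <citetitle>The Transport Layer Security (TLS)
-          Protocol Version 1.1</citetitle>
+          <citation>RFC 4346: <citetitle>The Transport Layer Security
+          (TLS) Protocol Version 1.1</citetitle></citation>
         </term>
       <listitem>
         <para>
@@ -630,7 +611,8 @@
       </varlistentry>
       <varlistentry>
         <term>
-          RFC 4880: <citetitle>OpenPGP Message Format</citetitle>
+          <citation>RFC 4880: <citetitle>OpenPGP Message
+          Format</citetitle></citation>
         </term>
       <listitem>
         <para>
@@ -640,8 +622,8 @@
       </varlistentry>
       <varlistentry>
         <term>
-          RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer
-          Security</citetitle>
+          <citation>RFC 5081: <citetitle>Using OpenPGP Keys for
+          Transport Layer Security</citetitle></citation>
         </term>
       <listitem>
         <para>
@@ -653,8 +635,3 @@
     </variablelist>
   </refsect1>
 </refentry>
-<!-- Local Variables: -->
-<!-- time-stamp-start: "<!ENTITY TIMESTAMP [\"']" -->
-<!-- time-stamp-end: "[\"']>" -->
-<!-- time-stamp-format: "%:y-%02m-%02d" -->
-<!-- End: -->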