3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY VERSION "1.0">
5
5
<!ENTITY COMMANDNAME "mandos">
6
<!ENTITY TIMESTAMP "2008-08-30">
8
9
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
10
<title>&COMMANDNAME;</title>
11
<title>Mandos Manual</title>
11
12
<!-- NWalsh’s docbook scripts use this to generate the footer: -->
12
<productname>&COMMANDNAME;</productname>
13
<productname>Mandos</productname>
13
14
<productnumber>&VERSION;</productnumber>
15
<date>&TIMESTAMP;</date>
16
18
<firstname>Björn</firstname>
66
68
<refname><command>&COMMANDNAME;</command></refname>
68
Sends encrypted passwords to authenticated Mandos clients
70
Gives encrypted passwords to authenticated Mandos clients
74
76
<command>&COMMANDNAME;</command>
75
<arg>--interface<arg choice="plain">IF</arg></arg>
76
<arg>--address<arg choice="plain">ADDRESS</arg></arg>
77
<arg>--port<arg choice="plain">PORT</arg></arg>
78
<arg>--priority<arg choice="plain">PRIORITY</arg></arg>
79
<arg>--servicename<arg choice="plain">NAME</arg></arg>
80
<arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>
84
<command>&COMMANDNAME;</command>
85
<arg>-i<arg choice="plain">IF</arg></arg>
86
<arg>-a<arg choice="plain">ADDRESS</arg></arg>
87
<arg>-p<arg choice="plain">PORT</arg></arg>
88
<arg>--priority<arg choice="plain">PRIORITY</arg></arg>
89
<arg>--servicename<arg choice="plain">NAME</arg></arg>
90
<arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>
78
<arg choice="plain"><option>--interface
79
<replaceable>NAME</replaceable></option></arg>
80
<arg choice="plain"><option>-i
81
<replaceable>NAME</replaceable></option></arg>
85
<arg choice="plain"><option>--address
86
<replaceable>ADDRESS</replaceable></option></arg>
87
<arg choice="plain"><option>-a
88
<replaceable>ADDRESS</replaceable></option></arg>
92
<arg choice="plain"><option>--port
93
<replaceable>PORT</replaceable></option></arg>
94
<arg choice="plain"><option>-p
95
<replaceable>PORT</replaceable></option></arg>
98
<arg><option>--priority
99
<replaceable>PRIORITY</replaceable></option></arg>
101
<arg><option>--servicename
102
<replaceable>NAME</replaceable></option></arg>
104
<arg><option>--configdir
105
<replaceable>DIRECTORY</replaceable></option></arg>
107
<arg><option>--debug</option></arg>
94
110
<command>&COMMANDNAME;</command>
95
111
<group choice="req">
96
<arg choice="plain">-h</arg>
97
<arg choice="plain">--help</arg>
112
<arg choice="plain"><option>-h</option></arg>
113
<arg choice="plain"><option>--help</option></arg>
101
117
<command>&COMMANDNAME;</command>
102
<arg choice="plain">--version</arg>
118
<arg choice="plain"><option>--version</option></arg>
105
121
<command>&COMMANDNAME;</command>
106
<arg choice="plain">--check</arg>
122
<arg choice="plain"><option>--check</option></arg>
108
124
</refsynopsisdiv>
153
<term><literal>-i</literal>, <literal>--interface <replaceable>
154
IF</replaceable></literal></term>
170
<term><option>-i</option>
171
<replaceable>NAME</replaceable></term>
172
<term><option>--interface</option>
173
<replaceable>NAME</replaceable></term>
156
175
<xi:include href="mandos-options.xml" xpointer="interface"/>
310
329
longer eligible to receive the encrypted password. The timeout,
311
330
checker program, and interval between checks can be configured
312
331
both globally and per client; see <citerefentry>
313
<refentrytitle>mandos.conf</refentrytitle>
314
<manvolnum>5</manvolnum></citerefentry> and <citerefentry>
315
332
<refentrytitle>mandos-clients.conf</refentrytitle>
316
333
<manvolnum>5</manvolnum></citerefentry>.
320
337
<refsect1 id="logging">
321
338
<title>LOGGING</title>
323
The server will send log messaged with various severity levels
324
to <filename>/dev/log</filename>. With the
340
The server will send log message with various severity levels to
341
<filename>/dev/log</filename>. With the
325
342
<option>--debug</option> option, it will log even more messages,
326
343
and also show them on the console.
539
556
<refsect1 id="see_also">
540
557
<title>SEE ALSO</title>
560
<refentrytitle>mandos-clients.conf</refentrytitle>
561
<manvolnum>5</manvolnum></citerefentry>, <citerefentry>
562
<refentrytitle>mandos.conf</refentrytitle>
563
<manvolnum>5</manvolnum></citerefentry>, <citerefentry>
564
<refentrytitle>password-request</refentrytitle>
565
<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>
566
<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
545
<refentrytitle>password-request</refentrytitle>
546
<manvolnum>8mandos</manvolnum>
551
This is the actual program which talks to this server.
552
Note that it is normally not invoked directly, and is only
553
run in the initial RAM disk environment, and not on a
554
fully started system.
560
572
<ulink url="http://www.zeroconf.org/">Zeroconf</ulink>
595
<citation>RFC 4291: <citetitle>IP Version 6 Addressing
596
Architecture</citetitle>, section 2.5.6, Link-Local IPv6
597
Unicast Addresses</citation>
607
RFC 4291: <citetitle>IP Version 6 Addressing
608
Architecture</citetitle>
601
The clients use IPv6 link-local addresses, which are
602
immediately usable since a link-local addresses is
603
automatically assigned to a network interfaces when it is
613
<term>Section 2.2: <citetitle>Text Representation of
614
Addresses</citetitle></term>
615
<listitem><para/></listitem>
618
<term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6
619
Address</citetitle></term>
620
<listitem><para/></listitem>
623
<term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast
624
Addresses</citetitle></term>
627
The clients use IPv6 link-local addresses, which are
628
immediately usable since a link-local addresses is
629
automatically assigned to a network interfaces when it
610
<citation>RFC 4346: <citetitle>The Transport Layer Security
611
(TLS) Protocol Version 1.1</citetitle></citation>
639
RFC 4346: <citetitle>The Transport Layer Security (TLS)
640
Protocol Version 1.1</citetitle>