
Viewing changes to mandos.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-08-31 13:55:04 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080831135504-2ka1cccglsghslxy
* plugin-runner.xml (/refentry/refentryinfo/copyright): Split
                                                        copyright
                                                        holders.
* plugins.d/password-request.xml (/refentry/refentryinfo/copyright):
                                 Split copyright holders.

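--- a/mandos.xml
+++ b/mandos.xml
@@ -3,14 +3,16 @@
 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
 <!ENTITY VERSION "1.0">
 <!ENTITY COMMANDNAME "mandos">
+<!ENTITY TIMESTAMP "2008-08-31">
 ]>
 
 <refentry xmlns:xi="http://www.w3.org/2001/XInclude">
   <refentryinfo>
-    <title>&COMMANDNAME;</title>
+    <title>Mandos Manual</title>
     <!-- NWalsh’s docbook scripts use this to generate the footer: -->
-    <productname>&COMMANDNAME;</productname>
+    <productname>Mandos</productname>
     <productnumber>&VERSION;</productnumber>
+    <date>&TIMESTAMP;</date>
     <authorgroup>
       <author>
         <firstname>Björn</firstname>
@@ -65,45 +67,59 @@
   <refnamediv>
     <refname><command>&COMMANDNAME;</command></refname>
     <refpurpose>
-      Sends encrypted passwords to authenticated Mandos clients
+      Gives encrypted passwords to authenticated Mandos clients
     </refpurpose>
   </refnamediv>
 
   <refsynopsisdiv>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
-      <arg>--interface<arg choice="plain">IF</arg></arg>
-      <arg>--address<arg choice="plain">ADDRESS</arg></arg>
-      <arg>--port<arg choice="plain">PORT</arg></arg>
-      <arg>--priority<arg choice="plain">PRIORITY</arg></arg>
-      <arg>--servicename<arg choice="plain">NAME</arg></arg>
-      <arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>
-      <arg>--debug</arg>
-    </cmdsynopsis>
-    <cmdsynopsis>
-      <command>&COMMANDNAME;</command>
-      <arg>-i<arg choice="plain">IF</arg></arg>
-      <arg>-a<arg choice="plain">ADDRESS</arg></arg>
-      <arg>-p<arg choice="plain">PORT</arg></arg>
-      <arg>--priority<arg choice="plain">PRIORITY</arg></arg>
-      <arg>--servicename<arg choice="plain">NAME</arg></arg>
-      <arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>
-      <arg>--debug</arg>
+      <group>
+        <arg choice="plain"><option>--interface
+        <replaceable>NAME</replaceable></option></arg>
+        <arg choice="plain"><option>-i
+        <replaceable>NAME</replaceable></option></arg>
+      </group>
+      <sbr/>
+      <group>
+        <arg choice="plain"><option>--address
+        <replaceable>ADDRESS</replaceable></option></arg>
+        <arg choice="plain"><option>-a
+        <replaceable>ADDRESS</replaceable></option></arg>
+      </group>
+      <sbr/>
+      <group>
+        <arg choice="plain"><option>--port
+        <replaceable>PORT</replaceable></option></arg>
+        <arg choice="plain"><option>-p
+        <replaceable>PORT</replaceable></option></arg>
+      </group>
+      <sbr/>
+      <arg><option>--priority
+      <replaceable>PRIORITY</replaceable></option></arg>
+      <sbr/>
+      <arg><option>--servicename
+      <replaceable>NAME</replaceable></option></arg>
+      <sbr/>
+      <arg><option>--configdir
+      <replaceable>DIRECTORY</replaceable></option></arg>
+      <sbr/>
+      <arg><option>--debug</option></arg>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
       <group choice="req">
-        <arg choice="plain">-h</arg>
-        <arg choice="plain">--help</arg>
+        <arg choice="plain"><option>--help</option></arg>
+        <arg choice="plain"><option>-h</option></arg>
       </group>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
-      <arg choice="plain">--version</arg>
+      <arg choice="plain"><option>--version</option></arg>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
-      <arg choice="plain">--check</arg>
+      <arg choice="plain"><option>--check</option></arg>
     </cmdsynopsis>
   </refsynopsisdiv>
 
@@ -133,48 +149,55 @@
       <emphasis>encrypted root file system</emphasis>.  See <xref
       linkend="overview"/> for details.
     </para>
-
+    
   </refsect1>
   
   <refsect1 id="options">
     <title>OPTIONS</title>
-
+    
     <variablelist>
       <varlistentry>
-        <term><literal>-h</literal>, <literal>--help</literal></term>
+        <term><option>--help</option></term>
+        <term><option>-h</option></term>
         <listitem>
           <para>
             Show a help message and exit
           </para>
         </listitem>
       </varlistentry>
-
+      
       <varlistentry>
-        <term><literal>-i</literal>, <literal>--interface <replaceable>
-        IF</replaceable></literal></term>
+        <term><option>--interface</option>
+        <replaceable>NAME</replaceable></term>
+        <term><option>-i</option>
+        <replaceable>NAME</replaceable></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="interface"/>
         </listitem>
       </varlistentry>
-
+      
       <varlistentry>
-        <term><literal>-a</literal>, <literal>--address <replaceable>
-        ADDRESS</replaceable></literal></term>
+        <term><option>--address
+        <replaceable>ADDRESS</replaceable></option></term>
+        <term><option>-a
+        <replaceable>ADDRESS</replaceable></option></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="address"/>
         </listitem>
       </varlistentry>
-
+      
       <varlistentry>
-        <term><literal>-p</literal>, <literal>--port <replaceable>
-        PORT</replaceable></literal></term>
+        <term><option>--port
+        <replaceable>PORT</replaceable></option></term>
+        <term><option>-p
+        <replaceable>PORT</replaceable></option></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="port"/>
         </listitem>
       </varlistentry>
-
+      
       <varlistentry>
-        <term><literal>--check</literal></term>
+        <term><option>--check</option></term>
         <listitem>
           <para>
             Run the server’s self-tests.  This includes any unit
@@ -182,25 +205,25 @@
           </para>
         </listitem>
       </varlistentry>
-
+      
       <varlistentry>
-        <term><literal>--debug</literal></term>
+        <term><option>--debug</option></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="debug"/>
         </listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><literal>--priority <replaceable>
-        PRIORITY</replaceable></literal></term>
+        <term><option>--priority <replaceable>
+        PRIORITY</replaceable></option></term>
         <listitem>
           <xi:include href="mandos-options.xml" xpointer="priority"/>
         </listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><literal>--servicename <replaceable>NAME</replaceable>
-        </literal></term>
+        <term><option>--servicename
+        <replaceable>NAME</replaceable></option></term>
         <listitem>
           <xi:include href="mandos-options.xml"
                       xpointer="servicename"/>
@@ -208,8 +231,8 @@
       </varlistentry>
 
       <varlistentry>
-        <term><literal>--configdir <replaceable>DIR</replaceable>
-        </literal></term>
+        <term><option>--configdir
+        <replaceable>DIRECTORY</replaceable></option></term>
         <listitem>
           <para>
             Directory to search for configuration files.  Default is
@@ -223,7 +246,7 @@
       </varlistentry>
 
       <varlistentry>
-        <term><literal>--version</literal></term>
+        <term><option>--version</option></term>
         <listitem>
           <para>
             Prints the program version and exit.
@@ -274,7 +297,7 @@
         <entry>-><!-- &rarr; --></entry>
       </row>
       <row>
-        <entry><quote><literal>1\r\en</literal></quote></entry>
+        <entry><quote><literal>1\r\n</literal></quote></entry>
         <entry>-><!-- &rarr; --></entry>
       </row>
       <row>
@@ -310,8 +333,6 @@
       longer eligible to receive the encrypted password.  The timeout,
       checker program, and interval between checks can be configured
       both globally and per client; see <citerefentry>
-      <refentrytitle>mandos.conf</refentrytitle>
-      <manvolnum>5</manvolnum></citerefentry> and <citerefentry>
       <refentrytitle>mandos-clients.conf</refentrytitle>
       <manvolnum>5</manvolnum></citerefentry>.
     </para>
@@ -320,8 +341,8 @@
   <refsect1 id="logging">
     <title>LOGGING</title>
     <para>
-      The server will send log messaged with various severity levels
-      to <filename>/dev/log</filename>.  With the
+      The server will send log message with various severity levels to
+      <filename>/dev/log</filename>.  With the
       <option>--debug</option> option, it will log even more messages,
       and also show them on the console.
     </para>
@@ -339,7 +360,7 @@
     <title>ENVIRONMENT</title>
     <variablelist>
       <varlistentry>
-        <term><varname>PATH</varname></term>
+        <term><envar>PATH</envar></term>
         <listitem>
           <para>
             To start the configured checker (see <xref
@@ -348,7 +369,7 @@
             <varname>PATH</varname> to search for matching commands if
             an absolute path is not given.  See <citerefentry>
             <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
-          </citerefentry>
+            </citerefentry>.
           </para>
         </listitem>
       </varlistentry>
@@ -450,7 +471,7 @@
         Normal invocation needs no options:
       </para>
       <para>
-        <userinput>mandos</userinput>
+        <userinput>&COMMANDNAME;</userinput>
       </para>
     </informalexample>
     <informalexample>
@@ -463,7 +484,7 @@
       <para>
 
 <!-- do not wrap this line -->
-<userinput>mandos --debug --configdir ~/mandos --servicename Test</userinput>
+<userinput>&COMMANDNAME; --debug --configdir ~/mandos --servicename Test</userinput>
 
       </para>
     </informalexample>
@@ -475,7 +496,7 @@
       <para>
 
 <!-- do not wrap this line -->
-<userinput>mandos --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>
+<userinput>&COMMANDNAME; --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>
 
       </para>
     </informalexample>
@@ -538,25 +559,20 @@
 
   <refsect1 id="see_also">
     <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+        <refentrytitle>mandos-clients.conf</refentrytitle>
+        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
+        <refentrytitle>mandos.conf</refentrytitle>
+        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
+        <refentrytitle>password-request</refentrytitle>
+        <manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>
+        <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>
+    </para>
     <variablelist>
       <varlistentry>
         <term>
-          <citerefentry>
-            <refentrytitle>password-request</refentrytitle>
-            <manvolnum>8mandos</manvolnum>
-          </citerefentry>
-        </term>
-        <listitem>
-          <para>
-            This is the actual program which talks to this server.
-            Note that it is normally not invoked directly, and is only
-            run in the initial RAM disk environment, and not on a
-            fully started system.
-          </para>
-        </listitem>
-      </varlistentry>
-      <varlistentry>
-        <term>
           <ulink url="http://www.zeroconf.org/">Zeroconf</ulink>
         </term>
         <listitem>
@@ -579,8 +595,8 @@
       </varlistentry>
       <varlistentry>
         <term>
-          <ulink
-              url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>
+          <ulink url="http://www.gnu.org/software/gnutls/"
+          >GnuTLS</ulink>
         </term>
       <listitem>
         <para>
@@ -592,23 +608,40 @@
       </varlistentry>
       <varlistentry>
         <term>
-          <citation>RFC 4291: <citetitle>IP Version 6 Addressing
-          Architecture</citetitle>, section 2.5.6, Link-Local IPv6
-          Unicast Addresses</citation>
+          RFC 4291: <citetitle>IP Version 6 Addressing
+          Architecture</citetitle>
         </term>
         <listitem>
-          <para>
-            The clients use IPv6 link-local addresses, which are
-            immediately usable since a link-local addresses is
-            automatically assigned to a network interfaces when it is
-            brought up.
-          </para>
+          <variablelist>
+            <varlistentry>
+              <term>Section 2.2: <citetitle>Text Representation of
+              Addresses</citetitle></term>
+              <listitem><para/></listitem>
+            </varlistentry>
+            <varlistentry>
+              <term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6
+              Address</citetitle></term>
+              <listitem><para/></listitem>
+            </varlistentry>
+            <varlistentry>
+            <term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast
+            Addresses</citetitle></term>
+            <listitem>
+              <para>
+                The clients use IPv6 link-local addresses, which are
+                immediately usable since a link-local addresses is
+                automatically assigned to a network interfaces when it
+                is brought up.
+              </para>
+            </listitem>
+            </varlistentry>
+          </variablelist>
         </listitem>
       </varlistentry>
       <varlistentry>
         <term>
-          <citation>RFC 4346: <citetitle>The Transport Layer Security
-          (TLS) Protocol Version 1.1</citetitle></citation>
+          RFC 4346: <citetitle>The Transport Layer Security (TLS)
+          Protocol Version 1.1</citetitle>
         </term>
       <listitem>
         <para>
@@ -618,8 +651,7 @@
       </varlistentry>
       <varlistentry>
         <term>
-          <citation>RFC 4880: <citetitle>OpenPGP Message
-          Format</citetitle></citation>
+          RFC 4880: <citetitle>OpenPGP Message Format</citetitle>
         </term>
       <listitem>
         <para>
@@ -629,8 +661,8 @@
       </varlistentry>
       <varlistentry>
         <term>
-          <citation>RFC 5081: <citetitle>Using OpenPGP Keys for
-          Transport Layer Security</citetitle></citation>
+          RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer
+          Security</citetitle>
         </term>
       <listitem>
         <para>
@@ -642,3 +674,8 @@
     </variablelist>
   </refsect1>
 </refentry>
+<!-- Local Variables: -->
+<!-- time-stamp-start: "<!ENTITY TIMESTAMP [\"']" -->
+<!-- time-stamp-end: "[\"']>" -->
+<!-- time-stamp-format: "%:y-%02m-%02d" -->
+<!-- End: -->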