/mandos/release : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/password-request.xml

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzrignore

COPYING

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.xml

plugins.d/password-prompt.xml

plugins.d/password-request.xml

plugins.d/usplash

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/password-request.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/password-request.xml

<?xml version='1.0' encoding='UTF-8'?>

<?xml-stylesheet type="text/xsl"

href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "password-request">

<!ENTITY TIMESTAMP "2008-08-31">

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn & Björn Påhlsson</holder>

</copyright>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

<manvolnum>8mandos</manvolnum>

</refmeta>

<refname><command>&COMMANDNAME;</command></refname>

Client for mandos

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<group>

<arg choice="plain"><option>--connect

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

<arg choice="plain"><option>-c

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--keydir

<replaceable>DIRECTORY</replaceable></option></arg>

<arg choice="plain"><option>-d

<replaceable>DIRECTORY</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--interface

<arg choice="plain"><option>-i

</group>

100

<sbr/>

101

<group>

102

<arg choice="plain"><option>--pubkey

103

104

<arg choice="plain"><option>-p

105

106

</group>

107

<sbr/>

108

<group>

109

<arg choice="plain"><option>--seckey

110

111

<arg choice="plain"><option>-s

112

113

</group>

114

<sbr/>

115

<arg>

116

<option>--priority <replaceable>STRING</replaceable></option>

117

</arg>

118

<sbr/>

119

<arg>

120

121

</arg>

122

<sbr/>

123

<arg>

124

<option>--debug</option>

125

</arg>

126

</cmdsynopsis>

127

128

<command>&COMMANDNAME;</command>

129

130

131

132

</group>

133

</cmdsynopsis>

134

135

<command>&COMMANDNAME;</command>

136

<arg choice='plain'><option>--usage</option></arg>

137

</cmdsynopsis>

138

139

<command>&COMMANDNAME;</command>

140

141

<arg choice='plain'><option>--version</option></arg>

142

143

</group>

144

</cmdsynopsis>

145

</refsynopsisdiv>

146

147

148

<title>DESCRIPTION</title>

149

<para>

150

<command>&COMMANDNAME;</command> is a mandos plugin that works

151

like a client program that through avahi detects mandos servers,

152

sets up a gnutls connect and request a encrypted password. Any

153

passwords given is automaticly decrypted and passed to

154

cryptsetup.

155

</para>

156

</refsect1>

157

158

159

<title>OPTIONS</title>

160

<para>

161

Commonly not invoked as command lines but from configuration

162

file of plugin runner.

163

</para>

164

165

166

167

<term><option>--connect=<replaceable

168

>IPADDR</replaceable><literal>:</literal><replaceable

169

>PORT</replaceable></option></term>

170

<term><option>-c

171

<replaceable>IPADDR</replaceable><literal>:</literal

172

><replaceable>PORT</replaceable></option></term>

173

174

<para>

175

Connect directly to a specified mandos server

176

</para>

177

</listitem>

178

</varlistentry>

179

180

181

<term><option>--keydir=<replaceable

182

>DIRECTORY</replaceable></option></term>

183

<term><option>-d

184

<replaceable>DIRECTORY</replaceable></option></term>

185

186

<para>

187

Directory where the openpgp keyring is

188

</para>

189

</listitem>

190

</varlistentry>

191

192

193

<term><option>--interface=

194

195

<term><option>-i

196

197

198

<para>

199

Interface that Avahi will connect through

200

</para>

201

</listitem>

202

</varlistentry>

203

204

205

<term><option>--pubkey=<replaceable

206

>FILE</replaceable></option></term>

207

<term><option>-p

208

209

210

<para>

211

Public openpgp key for gnutls authentication

212

</para>

213

</listitem>

214

</varlistentry>

215

216

217

<term><option>--seckey=<replaceable

218

>FILE</replaceable></option></term>

219

<term><option>-s

220

221

222

<para>

223

Secret OpenPGP key for GnuTLS authentication

224

</para>

225

</listitem>

226

</varlistentry>

227

228

229

<term><option>--priority=<replaceable

230

>STRING</replaceable></option></term>

231

232

<para>

233

GnuTLS priority

234

</para>

235

</listitem>

236

</varlistentry>

237

238

239

<term><option>--dh-bits=<replaceable

240

>BITS</replaceable></option></term>

241

242

<para>

243

DH bits to use in gnutls communication

244

</para>

245

</listitem>

246

</varlistentry>

247

248

249

<term><option>--debug</option></term>

250

251

<para>

252

Debug mode

253

</para>

254

</listitem>

255

</varlistentry>

256

257

258

259

260

261

<para>

262

Gives a help message

263

</para>

264

</listitem>

265

</varlistentry>

266

267

268

<term><option>--usage</option></term>

269

270

<para>

271

Gives a short usage message

272

</para>

273

</listitem>

274

</varlistentry>

275

276

277

<term><option>--version</option></term>

278

279

280

<para>

281

Prints the program version

282

</para>

283

</listitem>

284

</varlistentry>

285

</variablelist>

286

</refsect1>

287

288

289

<title>EXIT STATUS</title>

290

<para>

291

</para>

292

</refsect1>

293

294

295

<title>ENVIRONMENT</title>

296

<para>

297

</para>

298

</refsect1>

299

300

301

<title>FILES</title>

302

<para>

303

</para>

304

</refsect1>

305

306

307

308

<para>

309

</para>

310

</refsect1>

311

312

313

<title>EXAMPLE</title>

314

<para>

315

</para>

316

</refsect1>

317

318

319

<title>SECURITY</title>

320

<para>

321

</para>

322

</refsect1>

323

324

325

326

<para>

327

<citerefentry><refentrytitle>mandos</refentrytitle>

328

<manvolnum>8</manvolnum></citerefentry>,

329

<citerefentry><refentrytitle>password-prompt</refentrytitle>

330

<manvolnum>8mandos</manvolnum></citerefentry>,

331

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

332

<manvolnum>8mandos</manvolnum></citerefentry>

333

</para>

334

335

336

<ulink url="http://www.zeroconf.org/">Zeroconf</ulink>

337

</para></listitem>

338

339

340

<ulink url="http://www.avahi.org/">Avahi</ulink>

341

</para></listitem>

342

343

344

<ulink

345

url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>

346

</para></listitem>

347

348

349

<ulink

350

url="http://www.gnupg.org/related_software/gpgme/">

351

GPGME</ulink>

352

</para></listitem>

353

354

355

<citation>RFC 4880: <citetitle>OpenPGP Message

356

Format</citetitle></citation>

357

</para></listitem>

358

359

360

<citation>RFC 5081: <citetitle>Using OpenPGP Keys for

361

Transport Layer Security</citetitle></citation>

362

</para></listitem>

363

364

365

<citation>RFC 4291: <citetitle>IP Version 6 Addressing

366

Architecture</citetitle>, section 2.5.6, Link-Local IPv6

367

Unicast Addresses</citation>

368

</para></listitem>

369

</itemizedlist>

370

</refsect1>

371

372

</refentry>

373

374

375

376

377

Older »