/mandos/release : revision 237.7.292

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-options.xml

Committer: Teddy Hogeborn
Date: 2015-04-02 18:59:29 UTC
mto: (237.7.304 trunk)
mto: This revision was merged to the branch mainline in revision 325.
Revision ID: teddy@recompile.se-20150402185929-1q1rf1zelbpzzn74

Add "!RSA" also to examples/documentation.

* mandos.conf (priority): Add "!RSA" to default commented-out value.
* mandos.conf.xml (EXAMPLE): Add "!RSA" to example priority setting.

files added:
debian/upstream

debian/upstream/signing-key.asc

mandos.service

files modified:
DBUS-API

INSTALL

Makefile

NEWS

TODO

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos.dirs

debian/mandos.postinst

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

mandos-options.xml

<emphasis>not</emphasis> run in debug mode.

</para>

GnuTLS priority string for the <acronym>TLS</acronym> handshake.

The default is <quote><literal

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal>

<literal>:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160</literal></quote>.

See <citerefentry><refentrytitle

>gnutls_priority_init</refentrytitle>

<manvolnum>3</manvolnum></citerefentry> for the syntax.

<emphasis>Warning</emphasis>: changing this may make the

<acronym>TLS</acronym> handshake fail, making server-client

communication impossible. Changing this option may also make the

network traffic decryptable by an attacker.

</para>

GnuTLS priority string for the <acronym>TLS</acronym> handshake.

The default is <quote><literal

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224</literal></quote>.

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal></quote>.

See <citerefentry><refentrytitle

>gnutls_priority_init</refentrytitle>

<manvolnum>3</manvolnum></citerefentry> for the syntax.

<emphasis>Warning</emphasis>: changing this may make the

<acronym>TLS</acronym> handshake fail, making server-client

communication impossible.

communication impossible. Changing this option may also make the

network traffic decryptable by an attacker.

</para>

111

126

implies this option.

112

127

</para>

113

128

129

130

This option controls whether the server will announce its

131

existence using Zeroconf. Default is to use Zeroconf. If

132

Zeroconf is not used, a <option>port</option> number or a

133

<option>socket</option> is required.

134

</para>

135

114

136

</section>

Older »