/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to INSTALL

  • Committer: Teddy Hogeborn
  • Date: 2018-08-15 09:26:02 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 368.
  • Revision ID: teddy@recompile.se-20180815092602-xoyb5s6gf8376i7u
mandos-client: Set system clock if necessary

* plugins.d/mandos-client.c (init_gpgme/import_key): If the system
  clock is not set, or set to january 1970, set the system clock to
  the more plausible value that is the mtime of the key file.  This is
  required by GnuPG to be able to import the keys.  (We can't pass the
  --ignore-time-conflict or the --ignore-valid-from options though
  GPGME.)

Show diffs side-by-side

added added

removed removed

Lines of Context:
39
39
    
40
40
*** Mandos Server
41
41
    + GnuTLS 3.3          https://www.gnutls.org/
42
 
      (but not 3.6.0 or later, until 3.6.6, which works)
43
42
    + Avahi 0.6.16        http://www.avahi.org/
44
43
    + Python 2.7          https://www.python.org/
45
44
    + dbus-python 0.82.4 https://dbus.freedesktop.org/doc/dbus-python/
57
56
    fping ssh-client
58
57
    
59
58
*** Mandos Client
60
 
    + GNU C Library 2.17 https://gnu.org/software/libc/
 
59
    + GNU C Library 2.16 https://gnu.org/software/libc/
61
60
    + initramfs-tools 0.85i
62
61
                        https://tracker.debian.org/pkg/initramfs-tools
63
62
    + GnuTLS 3.3        https://www.gnutls.org/
64
 
      (but not 3.6.0 or later, until 3.6.6 which works)
65
63
    + Avahi 0.6.16      http://www.avahi.org/
66
64
    + GnuPG 1.4.9       https://www.gnupg.org/
67
65
    + GPGME 1.1.6       https://www.gnupg.org/related_software/gpgme/
68
66
    + pkg-config https://www.freedesktop.org/wiki/Software/pkg-config/
69
 
    + libnl-route 3     https://www.infradead.org/~tgr/libnl/
70
67
    
71
68
    Strongly recommended:
72
69
    + OpenSSH           http://www.openssh.com/
73
70
    
74
71
    Package names:
75
 
    initramfs-tools libgnutls-dev gnutls-bin libavahi-core-dev gnupg
76
 
    libgpgme11-dev pkg-config ssh libnl-route-3-dev
 
72
    initramfs-tools libgnutls-dev libavahi-core-dev gnupg
 
73
    libgpgme11-dev pkg-config ssh
77
74
 
78
75
* Installing the Mandos server
79
76
  
126
123
     
127
124
        # /usr/lib/mandos/plugins.d/mandos-client \
128
125
                --pubkey=/etc/keys/mandos/pubkey.txt \
129
 
                --seckey=/etc/keys/mandos/seckey.txt \
130
 
                --tls-privkey=/etc/keys/mandos/tls-privkey.pem \
131
 
                --tls-pubkey=/etc/keys/mandos/tls-pubkey.pem; echo
 
126
                --seckey=/etc/keys/mandos/seckey.txt; echo
132
127
     
133
128
     This command should retrieve the password from the server,
134
129
     decrypt it, and output it to standard output.