/mandos/release : revision 81

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-keygen.xml

Committer: Teddy Hogeborn
Date: 2008-08-17 06:01:58 UTC
Revision ID: teddy@fukt.bsnet.se-20080817060158-o5xakkih6t3br9yq

* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
            GPGME_CFLAGS, GPGME_LIBS): New; use libgnutls-config,
                                       pkg-config, and gpgme-config to
                                       get the correct compiler and
                                       linker flags.
  (MANPOST): New post-processing stage to man pages to fix a bug with
             having "\n" in the DocBook pages.
  (objects): Use $(addsuffix) instead of a for loop in a subshell.
  (plugin-runner, plugins.d/password-prompt): Removed; targets no
                                              longer necessary.
  (.PHONY): Added "doc".

* mandos.xml: Much improved.

* plugins.d/password-request.xml: Improved SEE ALSO section.

files removed:
mandos-options.xml

overview.xml

files modified:
Makefile

TODO

clients.conf

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugins.d/password-prompt.xml

plugins.d/password-request.c

plugins.d/password-request.xml

Show diffs side-by-side

added added

removed removed

mandos-keygen.xml

<?xml version='1.0' encoding='UTF-8'?>

<?xml-stylesheet type="text/xsl"

href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos-keygen">

<title>&COMMANDNAME;</title>

167

169

</para>

168

170

</refsect1>

169

171

170

171

<title>PURPOSE</title>

172

173

<para>

174

The purpose of this is to enable <emphasis>remote and unattended

175

rebooting</emphasis> of client host computer with an

176

<emphasis>encrypted root file system</emphasis>. See <xref

177

linkend="overview"/> for details.

178

</para>

179

180

</refsect1>

181

182

172

183

173

<title>OPTIONS</title>

184

174

266

256

</variablelist>

267

257

</refsect1>

268

258

269

270

<title>OVERVIEW</title>

271

<xi:include href="overview.xml"/>

272

<para>

273

This program is a small program to generate new OpenPGP keys for

274

new Mandos clients.

275

</para>

276

</refsect1>

277

278

259

279

260

<title>EXIT STATUS</title>

280

261

<para>

281

The exit status will be 0 if new keys were successfully created,

282

otherwise not.

283

262

</para>

284

263

</refsect1>

285

264

286

287

<title>ENVIRONMENT</title>

288

289

290

<term><varname>TMPDIR</varname></term>

291

292

<para>

293

If set, temporary files will be created here. See

294

<citerefentry><refentrytitle>mktemp</refentrytitle>

295

<manvolnum>1</manvolnum></citerefentry>.

296

</para>

297

</listitem>

298

</varlistentry>

299

</variablelist>

300

</refsect1>

301

302

265

303

266

<title>FILES</title>

304

267

<para>

305

Use the <option>--dir</option> option to change where

306

<command>&COMMANDNAME;</command> will write the key files. The

307

default file names are shown here.

308

268

</para>

309

310

311

<term><filename>/etc/mandos/seckey.txt</filename></term>

312

313

<para>

314

OpenPGP secret key file which will be created or

315

overwritten.

316

</para>

317

</listitem>

318

</varlistentry>

319

320

<term><filename>/etc/mandos/pubkey.txt</filename></term>

321

322

<para>

323

OpenPGP public key file which will be created or

324

overwritten.

325

</para>

326

</listitem>

327

</varlistentry>

328

329

330

331

<para>

332

Temporary files will be written here if

333

<varname>TMPDIR</varname> is not set.

334

</para>

335

</listitem>

336

</varlistentry>

337

</variablelist>

338

269

</refsect1>

339

270

271

272

<title>NOTES</title>

273

<para>

274

</para>

275

</refsect1>

276

340

277

341

278

342

279

<para>

343

None are known at this time.

344

280

</para>

345

281

</refsect1>

346

282

347

348

<title>EXAMPLE</title>

349

350

<para>

351

Normal invocation needs no options:

352

</para>

353

<para>

354

<userinput>mandos-keygen</userinput>

355

</para>

356

</informalexample>

357

358

<para>

359

Create keys in another directory and of another type. Force

360

overwriting old key files:

361

</para>

362

<para>

363

364

365

<userinput>mandos-keygen --dir ~/keydir --type RSA --force</userinput>

366

367

</para>

368

</informalexample>

283

284

<title>EXAMPLES</title>

285

<para>

286

</para>

369

287

</refsect1>

370

288

371

289

372

290

<title>SECURITY</title>

373

291

<para>

374

The <option>--type</option> and <option>--length</option>

375

options can be used to create keys of insufficient security. If

376

in doubt, leave them to the default values.

377

</para>

378

<para>

379

The key expire time is not guaranteed to be honored by

380

<citerefentry><refentrytitle>mandos</refentrytitle>

381

<manvolnum>8</manvolnum></citerefentry>.

382

292

</para>

383

293

</refsect1>

384

294

388

298

<citerefentry><refentrytitle>password-request</refentrytitle>

389

299

<manvolnum>8mandos</manvolnum></citerefentry>,

390

300

<citerefentry><refentrytitle>mandos</refentrytitle>

391

<manvolnum>8</manvolnum></citerefentry>,

301

<manvolnum>8</manvolnum></citerefentry>, and

392

302

393

303

394

304

</para>

Older »