=== modified file 'mandos' --- mandos 2013-10-20 23:27:38 +0000 +++ mandos 2013-10-22 19:24:01 +0000 @@ -2349,7 +2349,7 @@ "port": "", "debug": "False", "priority": - "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP", + "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160", "servicename": "Mandos", "use_dbus": "True", "use_ipv6": "True", === modified file 'mandos-keygen' --- mandos-keygen 2013-10-20 21:04:35 +0000 +++ mandos-keygen 2013-10-22 19:24:01 +0000 @@ -30,7 +30,7 @@ SUBKEYLENGTH=4096 KEYNAME="`hostname --fqdn 2>/dev/null || hostname`" KEYEMAIL="" -KEYCOMMENT="Mandos client key" +KEYCOMMENT="" KEYEXPIRE=0 FORCE=no KEYCOMMENT_ORIG="$KEYCOMMENT" @@ -71,8 +71,7 @@ -e ADDRESS, --email ADDRESS Email address of key. Default is empty. -c TEXT, --comment TEXT - Comment field for key. The default value is - "Mandos client key". + Comment field for key. The default is empty. -x TIME, --expire TIME Key expire time. Default is no expiration. See gpg(1) for syntax. === modified file 'mandos-keygen.xml' --- mandos-keygen.xml 2013-09-29 15:52:19 +0000 +++ mandos-keygen.xml 2013-10-22 19:24:01 +0000 @@ -2,7 +2,7 @@ - + %common; ]> @@ -288,8 +288,7 @@ TEXT - Comment field for key. The default value is - Mandos client key. + Comment field for key. Default is empty. === modified file 'mandos-options.xml' --- mandos-options.xml 2013-10-20 21:04:35 +0000 +++ mandos-options.xml 2013-10-22 19:24:01 +0000 @@ -49,7 +49,7 @@ GnuTLS priority string for the TLS handshake. The default is SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP. + >SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160. See gnutls_priority_init 3 for the syntax. === modified file 'mandos.conf' --- mandos.conf 2013-10-20 21:04:35 +0000 +++ mandos.conf 2013-10-22 19:24:01 +0000 @@ -23,7 +23,7 @@ ;debug = False # GnuTLS priority for the TLS handshake. See gnutls_priority_init(3). -;priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP +;priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160 # Zeroconf service name. You need to change this if you for some # reason want to run more than one server on the same *host*.