/mandos/trunk : revision 111

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2008-08-29 06:38:27 UTC
Revision ID: teddy@fukt.bsnet.se-20080829063827-hbjl6t92tyjl5305

* mandos-clients.conf.xml (ENTITY TIMESTAMP): New.  Automatically
                                              updated by Emacs
                                              time-stamp by using
                                              Emacs local variables.
  (/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
* mandos-keygen.xml: - '' -
* mandos.conf.xml: - '' -
* mandos.xml: - '' -
* plugin-runner.xml: - '' -
* plugins.d/password-request.xml: - '' -

files removed:
legalnotice.xml

files modified:
Makefile

TODO

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.xml

plugins.d/password-request.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-09-01">

<!ENTITY TIMESTAMP "2008-08-29">

<title>Mandos Manual</title>

<title>&COMMANDNAME;</title>

<productname>Mandos</productname>

<productname>&COMMANDNAME;</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<xi:include href="legalnotice.xml"/>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

</refentryinfo>

<refname><command>&COMMANDNAME;</command></refname>

Gives encrypted passwords to authenticated Mandos clients

Sends encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<group>

<arg choice="plain"><option>--interface

<arg choice="plain"><option>-i

</group>

<sbr/>

<group>

<arg choice="plain"><option>--address

<replaceable>ADDRESS</replaceable></option></arg>

<arg choice="plain"><option>-a

<replaceable>ADDRESS</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--port

<arg choice="plain"><option>-p

</group>

<sbr/>

<arg><option>--priority

<replaceable>PRIORITY</replaceable></option></arg>

<sbr/>

<arg><option>--servicename

<sbr/>

<arg><option>--configdir

<replaceable>DIRECTORY</replaceable></option></arg>

<sbr/>

<arg><option>--debug</option></arg>

<arg>--interface<arg choice="plain">NAME</arg></arg>

<arg>--address<arg choice="plain">ADDRESS</arg></arg>

<arg>--priority<arg choice="plain">PRIORITY</arg></arg>

<arg>--servicename<arg choice="plain">NAME</arg></arg>

<arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>

<arg>--debug</arg>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

<arg>-a<arg choice="plain">ADDRESS</arg></arg>

<arg>--priority<arg choice="plain">PRIORITY</arg></arg>

<arg>--servicename<arg choice="plain">NAME</arg></arg>

<arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>

<arg>--debug</arg>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

100

</group>

101

</cmdsynopsis>

102

103

<command>&COMMANDNAME;</command>

<arg choice="plain"><option>--version</option></arg>

104

<arg choice="plain">--version</arg>

105

</cmdsynopsis>

106

107

<command>&COMMANDNAME;</command>

100

<arg choice="plain"><option>--check</option></arg>

108

<arg choice="plain">--check</arg>

101

109

</cmdsynopsis>

102

110

</refsynopsisdiv>

103

111

127

135

<emphasis>encrypted root file system</emphasis>. See <xref

128

136

linkend="overview"/> for details.

129

137

</para>

130

138

131

139

</refsect1>

132

140

133

141

134

142

<title>OPTIONS</title>

135

143

136

144

137

145

138

139

146

140

147

141

148

<para>

142

149

Show a help message and exit

143

150

</para>

144

151

</listitem>

145

152

</varlistentry>

146

153

147

154

148

<term><option>--interface</option>

149

150

151

155

<term><literal>-i</literal>, <literal>--interface <replaceable

156

>NAME</replaceable></literal></term>

152

157

153

158

<xi:include href="mandos-options.xml" xpointer="interface"/>

154

159

</listitem>

155

160

</varlistentry>

156

161

157

162

158

<term><option>--address

159

<replaceable>ADDRESS</replaceable></option></term>

160

<term><option>-a

161

<replaceable>ADDRESS</replaceable></option></term>

163

<term><literal>-a</literal>, <literal>--address <replaceable>

164

ADDRESS</replaceable></literal></term>

162

165

163

166

<xi:include href="mandos-options.xml" xpointer="address"/>

164

167

</listitem>

165

168

</varlistentry>

166

169

167

170

168

<term><option>--port

169

170

<term><option>-p

171

171

172

PORT</replaceable></literal></term>

172

173

173

174

<xi:include href="mandos-options.xml" xpointer="port"/>

174

175

</listitem>

175

176

</varlistentry>

176

177

178

178

<term><option>--check</option></term>

179

<term><literal>--check</literal></term>

179

180

180

181

<para>

181

182

Run the server’s self-tests. This includes any unit

183

184

</para>

184

185

</listitem>

185

186

</varlistentry>

186

187

188

188

<term><option>--debug</option></term>

189

<term><literal>--debug</literal></term>

189

190

190

191

<xi:include href="mandos-options.xml" xpointer="debug"/>

191

192

</listitem>

192

193

</varlistentry>

193

194

195

195

<term><option>--priority <replaceable>

196

PRIORITY</replaceable></option></term>

196

<term><literal>--priority <replaceable>

197

PRIORITY</replaceable></literal></term>

197

198

198

199

<xi:include href="mandos-options.xml" xpointer="priority"/>

199

200

</listitem>

200

201

</varlistentry>

201

202

203

203

<term><option>--servicename

204

204

<term><literal>--servicename <replaceable>NAME</replaceable>

205

</literal></term>

205

206

206

207

<xi:include href="mandos-options.xml"

207

208

xpointer="servicename"/>

209

210

</varlistentry>

210

211

212

212

<term><option>--configdir

213

<replaceable>DIRECTORY</replaceable></option></term>

213

<term><literal>--configdir <replaceable>DIR</replaceable>

214

</literal></term>

214

215

215

216

<para>

216

217

Directory to search for configuration files. Default is

224

225

</varlistentry>

225

226

227

227

<term><option>--version</option></term>

228

<term><literal>--version</literal></term>

228

229

229

230

<para>

230

231

Prints the program version and exit.

240

241

<para>

241

242

This program is the server part. It is a normal server program

242

243

and will run in a normal system environment, not in an initial

243

<acronym>RAM</acronym> disk environment.

244

RAM disk environment.

244

245

</para>

245

246

</refsect1>

246

247

338

339

<title>ENVIRONMENT</title>

339

340

340

341

341

342

342

343

343

344

<para>

344

345

To start the configured checker (see <xref

521

522

restarting servers if it is suspected that a client has, in

522

523

fact, been compromised by parties who may now be running a

523

524

fake Mandos client with the keys from the non-encrypted

524

initial <acronym>RAM</acronym> image of the client host. What

525

should be done in that case (if restarting the server program

526

really is necessary) is to stop the server program, edit the

525

initial RAM image of the client host. What should be done in

526

that case (if restarting the server program really is

527

necessary) is to stop the server program, edit the

527

528

configuration file to omit any suspect clients, and restart

528

529

the server program.

529

530

</para>

539

540

540

541

<para>

541

542

543

<refentrytitle>mandos.conf</refentrytitle>

544

542

545

<refentrytitle>mandos-clients.conf</refentrytitle>

543

546

544

<refentrytitle>mandos.conf</refentrytitle>

545

546

547

<refentrytitle>password-request</refentrytitle>

547

548

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

548

549

Older »