/mandos/trunk : revision 114

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2008-08-29 07:30:17 UTC
Revision ID: teddy@fukt.bsnet.se-20080829073017-tvryowganbf75zp5

* mandos-clients.conf.xml (SEE ALSO): Alphabetized, as per
                                      man-pages(7).
* mandos-keygen.xml: - '' -
* mandos.conf.xml: - '' -
* mandos.xml: - '' -
* plugin-runner.xml: - '' -
* plugins.d/password-request.xml (SEE ALSO): Changed from an
                                             <itemizedlist> to a
                                             <para>, as per
                                             man-pages(7).  Also
                                             alphabetize.

files added:
.bzrignore

files modified:
Makefile

TODO

clients.conf

initramfs-tools-hook

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/password-request.c

plugins.d/password-request.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-08-29">

<title>&COMMANDNAME;</title>

<title>Mandos Manual</title>

<productname>&COMMANDNAME;</productname>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<command>&COMMANDNAME;</command>

<arg>--interface<arg choice="plain">IF</arg></arg>

<arg>--interface<arg choice="plain">NAME</arg></arg>

<arg>--address<arg choice="plain">ADDRESS</arg></arg>

<arg>--priority<arg choice="plain">PRIORITY</arg></arg>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

<arg>-a<arg choice="plain">ADDRESS</arg></arg>

<arg>--priority<arg choice="plain">PRIORITY</arg></arg>

150

152

</varlistentry>

151

153

152

154

153

<term><literal>-i</literal>, <literal>--interface <replaceable>

154

IF</replaceable></literal></term>

155

<term><literal>-i</literal>, <literal>--interface <replaceable

156

>NAME</replaceable></literal></term>

155

157

156

158

<xi:include href="mandos-options.xml" xpointer="interface"/>

157

159

</listitem>

274

276

275

277

</row>

276

278

<row>

277

279

278

280

279

281

</row>

280

282

<row>

310

312

longer eligible to receive the encrypted password. The timeout,

311

313

checker program, and interval between checks can be configured

312

314

both globally and per client; see <citerefentry>

313

<refentrytitle>mandos.conf</refentrytitle>

314

315

<refentrytitle>mandos-clients.conf</refentrytitle>

316

<manvolnum>5</manvolnum></citerefentry>.

317

</para>

320

321

<title>LOGGING</title>

322

<para>

323

The server will send log messaged with various severity levels

324

to <filename>/dev/log</filename>. With the

323

The server will send log message with various severity levels to

324

<filename>/dev/log</filename>. With the

325

<option>--debug</option> option, it will log even more messages,

326

and also show them on the console.

327

</para>

348

<varname>PATH</varname> to search for matching commands if

349

an absolute path is not given. See <citerefentry>

350

351

</citerefentry>

351

</citerefentry>.

352

</para>

353

</listitem>

354

</varlistentry>

450

Normal invocation needs no options:

451

</para>

452

<para>

453

<userinput>mandos</userinput>

453

<userinput>&COMMANDNAME;</userinput>

454

</para>

455

</informalexample>

456

463

<para>

464

465

466

<userinput>mandos --debug --configdir ~/mandos --servicename Test</userinput>

466

<userinput>&COMMANDNAME; --debug --configdir ~/mandos --servicename Test</userinput>

467

468

</para>

469

</informalexample>

475

<para>

476

477

478

<userinput>mandos --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>

478

<userinput>&COMMANDNAME; --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>

479

480

</para>

481

</informalexample>

538

539

540

541

<para>

542

543

<refentrytitle>mandos-clients.conf</refentrytitle>

544

545

<refentrytitle>mandos.conf</refentrytitle>

546

547

<refentrytitle>password-request</refentrytitle>

548

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

549

550

</citerefentry>

551

</para>

541

552

542

553

543

554

<term>

544

545

<refentrytitle>password-request</refentrytitle>

546

<manvolnum>8mandos</manvolnum>

547

</citerefentry>

548

</term>

549

550

<para>

551

This is the actual program which talks to this server.

552

Note that it is normally not invoked directly, and is only

553

run in the initial RAM disk environment, and not on a

554

fully started system.

555

</para>

556

</listitem>

557

</varlistentry>

558

559

<term>

560

555

<ulink url="http://www.zeroconf.org/">Zeroconf</ulink>

561

556

</term>

562

557

579

574

</varlistentry>

580

575

581

576

<term>

582

<ulink

583

url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>

577

<ulink url="http://www.gnu.org/software/gnutls/"

578

>GnuTLS</ulink>

584

579

</term>

585

580

586

581

<para>

592

587

</varlistentry>

593

588

594

589

<term>

595

<citation>RFC 4291: <citetitle>IP Version 6 Addressing

596

Architecture</citetitle>, section 2.5.6, Link-Local IPv6

597

Unicast Addresses</citation>

590

RFC 4291: <citetitle>IP Version 6 Addressing

591

Architecture</citetitle>

598

592

</term>

599

593

600

<para>

601

The clients use IPv6 link-local addresses, which are

602

immediately usable since a link-local addresses is

603

automatically assigned to a network interfaces when it is

604

brought up.

605

</para>

594

595

596

<term>Section 2.2: <citetitle>Text Representation of

597

Addresses</citetitle></term>

598

599

</varlistentry>

600

601

<term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6

602

Address</citetitle></term>

603

604

</varlistentry>

605

606

<term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast

607

Addresses</citetitle></term>

608

609

<para>

610

The clients use IPv6 link-local addresses, which are

611

immediately usable since a link-local addresses is

612

automatically assigned to a network interfaces when it

613

is brought up.

614

</para>

615

</listitem>

616

</varlistentry>

617

</variablelist>

606

618

</listitem>

607

619

</varlistentry>

608

620

609

621

<term>

610

<citation>RFC 4346: <citetitle>The Transport Layer Security

611

(TLS) Protocol Version 1.1</citetitle></citation>

622

RFC 4346: <citetitle>The Transport Layer Security (TLS)

623

Protocol Version 1.1</citetitle>

612

624

</term>

613

625

614

626

<para>

618

630

</varlistentry>

619

631

620

632

<term>

621

<citation>RFC 4880: <citetitle>OpenPGP Message

622

Format</citetitle></citation>

633

RFC 4880: <citetitle>OpenPGP Message Format</citetitle>

623

634

</term>

624

635

625

636

<para>

629

640

</varlistentry>

630

641

631

642

<term>

632

<citation>RFC 5081: <citetitle>Using OpenPGP Keys for

633

Transport Layer Security</citetitle></citation>

643

RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer

644

Security</citetitle>

634

645

</term>

635

646

636

647

<para>

642

653

</variablelist>

643

654

</refsect1>

644

655

</refentry>

656

657

658

659

660

Older »