41
+ GnuTLS 3.3 http://www.gnutls.org/
42
+ Avahi 0.6.16 http://www.avahi.org/
43
+ Python 2.7 https://www.python.org/
44
+ dbus-python 0.82.4 http://dbus.freedesktop.org/doc/dbus-python/
45
+ PyGObject 2.14.2 https://developer.gnome.org/pygobject/
46
+ pkg-config http://www.freedesktop.org/wiki/Software/pkg-config/
41
+ GnuTLS 3.3 https://www.gnutls.org/
42
(but not 3.6.0 or later, until 3.6.6, which works)
43
+ Avahi 0.6.16 https://www.avahi.org/
44
+ Python 3 https://www.python.org/
45
Note: Python 2.7 is still supported, if the "mandos",
46
"mandos-ctl", and "mandos-monitor" files are edited to contain
47
"#!/usr/bin/python" instead of python3.
48
+ dbus-python 0.82.4 https://dbus.freedesktop.org/doc/dbus-python/
49
+ PyGObject 3.8 https://wiki.gnome.org/Projects/PyGObject
50
+ pkg-config https://www.freedesktop.org/wiki/Software/pkg-config/
47
51
+ Urwid 1.0.1 http://urwid.org/
48
52
(Only needed by the "mandos-monitor" tool.)
52
56
+ ssh-keyscan from OpenSSH http://www.openssh.com/
55
avahi-daemon python python-avahi python-dbus python-gobject
56
python-urwid pkg-config fping ssh-client
59
avahi-daemon python3 python3-dbus python3-gi python3-urwid
60
pkg-config fping ssh-client
59
+ GNU C Library 2.16 https://gnu.org/software/libc/
63
+ GNU C Library 2.17 https://gnu.org/software/libc/
64
+ GnuTLS 3.3 https://www.gnutls.org/
65
(but not 3.6.0 or later, until 3.6.6 which works)
66
+ Avahi 0.6.16 https://www.avahi.org/
67
+ GnuPG 1.4.9 https://www.gnupg.org/
68
+ GPGME 1.1.6 https://www.gnupg.org/related_software/gpgme/
69
+ pkg-config https://www.freedesktop.org/wiki/Software/pkg-config/
70
+ libnl-route 3 https://www.infradead.org/~tgr/libnl/
71
+ GLib 2.40 http://www.gtk.org/
60
74
+ initramfs-tools 0.85i
61
75
https://tracker.debian.org/pkg/initramfs-tools
62
+ GnuTLS 3.3 http://www.gnutls.org/
63
+ Avahi 0.6.16 http://www.avahi.org/
64
+ GnuPG 1.4.9 https://www.gnupg.org/
65
+ GPGME 1.1.6 https://www.gnupg.org/related_software/gpgme/
66
+ pkg-config http://www.freedesktop.org/wiki/Software/pkg-config/
77
http://www.kernel.org/pub/linux/utils/boot/dracut/dracut.html
68
79
Strongly recommended:
69
80
+ OpenSSH http://www.openssh.com/
72
initramfs-tools libgnutls-dev libavahi-core-dev gnupg
73
libgpgme11-dev pkg-config ssh
83
initramfs-tools dracut libgnutls-dev gnutls-bin libavahi-core-dev
84
gnupg libgpgme11-dev pkg-config ssh libnl-route-3-dev
75
87
* Installing the Mandos server
79
91
2. On the computer to run as a Mandos server, run the following
81
For Debian: su -c 'make install-server'
93
For Debian: su - -c 'make install-server'
82
94
For Ubuntu: sudo make install-server
84
96
(This creates a configuration without any clients configured; you
91
103
2. On the computer to run as a Mandos client, run the following
93
For Debian: su -c 'make install-client'
105
For Debian: su - -c 'make install-client'
94
106
For Ubuntu: sudo make install-client
96
108
This will also create an OpenPGP key, which will take some time
97
109
and entropy, so be patient.
99
111
3. Run the following command:
100
For Debian: su -c 'mandos-keygen --password'
112
For Debian: su - -c 'mandos-keygen --password'
101
113
For Ubuntu: sudo mandos-keygen --password
103
115
When prompted, enter the password/passphrase for the encrypted
115
127
# update-initramfs -k all -u
117
129
5. On the server computer, start the server by running the command
118
For Debian: su -c 'invoke-rc.d mandos start'
130
For Debian: su - -c 'invoke-rc.d mandos start'
119
131
For Ubuntu: sudo service mandos start
121
133
At this point, it is possible to verify that the correct password
124
136
# /usr/lib/mandos/plugins.d/mandos-client \
125
137
--pubkey=/etc/keys/mandos/pubkey.txt \
126
--seckey=/etc/keys/mandos/seckey.txt; echo
138
--seckey=/etc/keys/mandos/seckey.txt \
139
--tls-privkey=/etc/keys/mandos/tls-privkey.pem \
140
--tls-pubkey=/etc/keys/mandos/tls-pubkey.pem; echo
128
142
This command should retrieve the password from the server,
129
143
decrypt it, and output it to standard output.
added
removed
INSTALL
