/mandos/trunk : revision 123

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2008-08-31 08:47:38 UTC
Revision ID: teddy@fukt.bsnet.se-20080831084738-uu70kayyt876982d

* mandos-keygen: Minor help text change.

* mandos-keygen.xml: Changed plural "keys" to singular "key"
                     throughout.
  (NAME): Improved wording.
  (DESCRIPTION): Improved wording.
  (OPTIONS): Split options in <term> tags into separate <term> tags.
             Use <option> tags.  Move long options before short
             options.  Uppercase replaceables.
  (OVERVIEW): Improved wording.
  (EXIT STATUS): Also cover --password option.
  (EXAMPLE): Add two examples using the --password option.
  (SECURITY): Improved wording.

* overview.xml: Improved wording.

files added:
plugins.d/usplash

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

legalnotice.xml

mandos-ctl

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2009-02-24">

<!ENTITY % common SYSTEM "common.ent">

%common;

<!ENTITY TIMESTAMP "2008-08-31">

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&version;</productnumber>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<xi:include href="legalnotice.xml"/>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

Gives encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

105

<replaceable>DIRECTORY</replaceable></option></arg>

106

<sbr/>

107

<arg><option>--debug</option></arg>

<sbr/>

108

</cmdsynopsis>

109

110

<command>&COMMANDNAME;</command>

104

122

<arg choice="plain"><option>--check</option></arg>

105

123

</cmdsynopsis>

106

124

</refsynopsisdiv>

107

125

108

126

109

127

<title>DESCRIPTION</title>

110

128

<para>

119

137

Any authenticated client is then given the stored pre-encrypted

120

138

password for that specific client.

121

139

</para>

140

122

141

</refsect1>

123

142

124

143

125

144

<title>PURPOSE</title>

145

126

146

<para>

127

147

The purpose of this is to enable <emphasis>remote and unattended

128

148

rebooting</emphasis> of client host computer with an

129

149

<emphasis>encrypted root file system</emphasis>. See <xref

130

150

linkend="overview"/> for details.

131

151

</para>

152

132

153

</refsect1>

133

154

134

155

135

156

<title>OPTIONS</title>

157

136

158

137

159

160

138

161

139

140

162

141

163

<para>

142

164

Show a help message and exit

143

165

</para>

144

166

</listitem>

145

167

</varlistentry>

146

168

147

169

170

171

148

172

<term><option>--interface</option>

149

173

150

151

152

174

153

175

<xi:include href="mandos-options.xml" xpointer="interface"/>

154

176

</listitem>

155

177

</varlistentry>

156

178

157

179

158

<term><option>--address

159

<replaceable>ADDRESS</replaceable></option></term>

160

<term><option>-a

161

<replaceable>ADDRESS</replaceable></option></term>

180

<term><literal>-a</literal>, <literal>--address <replaceable>

181

ADDRESS</replaceable></literal></term>

162

182

163

183

<xi:include href="mandos-options.xml" xpointer="address"/>

164

184

</listitem>

165

185

</varlistentry>

166

186

167

187

168

<term><option>--port

169

170

<term><option>-p

171

188

189

PORT</replaceable></literal></term>

172

190

173

191

<xi:include href="mandos-options.xml" xpointer="port"/>

174

192

</listitem>

175

193

</varlistentry>

176

194

177

195

178

<term><option>--check</option></term>

196

<term><literal>--check</literal></term>

179

197

180

198

<para>

181

199

Run the server’s self-tests. This includes any unit

183

201

</para>

184

202

</listitem>

185

203

</varlistentry>

186

204

187

205

188

<term><option>--debug</option></term>

206

<term><literal>--debug</literal></term>

189

207

190

208

<xi:include href="mandos-options.xml" xpointer="debug"/>

191

209

</listitem>

192

210

</varlistentry>

193

211

194

212

195

<term><option>--priority <replaceable>

196

PRIORITY</replaceable></option></term>

213

<term><literal>--priority <replaceable>

214

PRIORITY</replaceable></literal></term>

197

215

198

216

<xi:include href="mandos-options.xml" xpointer="priority"/>

199

217

</listitem>

200

218

</varlistentry>

201

219

202

220

203

<term><option>--servicename

204

221

<term><literal>--servicename <replaceable>NAME</replaceable>

222

</literal></term>

205

223

206

224

<xi:include href="mandos-options.xml"

207

225

xpointer="servicename"/>

208

226

</listitem>

209

227

</varlistentry>

210

228

211

229

212

<term><option>--configdir

213

<replaceable>DIRECTORY</replaceable></option></term>

230

<term><literal>--configdir <replaceable>DIR</replaceable>

231

</literal></term>

214

232

215

233

<para>

216

234

Directory to search for configuration files. Default is

222

240

</para>

223

241

</listitem>

224

242

</varlistentry>

225

243

226

244

227

<term><option>--version</option></term>

245

<term><literal>--version</literal></term>

228

246

229

247

<para>

230

248

Prints the program version and exit.

231

249

</para>

232

250

</listitem>

233

251

</varlistentry>

234

235

236

237

238

<xi:include href="mandos-options.xml" xpointer="ipv6"/>

239

</listitem>

240

</varlistentry>

241

252

</variablelist>

242

253

</refsect1>

243

254

244

255

245

256

<title>OVERVIEW</title>

246

257

<xi:include href="overview.xml"/>

247

258

<para>

248

259

This program is the server part. It is a normal server program

249

260

and will run in a normal system environment, not in an initial

250

<acronym>RAM</acronym> disk environment.

261

RAM disk environment.

251

262

</para>

252

263

</refsect1>

253

264

254

265

255

266

<title>NETWORK PROTOCOL</title>

256

267

<para>

308

319

</row>

309

320

</tbody></tgroup></table>

310

321

</refsect1>

311

322

312

323

313

324

<title>CHECKING</title>

314

325

<para>

322

333

<manvolnum>5</manvolnum></citerefentry>.

323

334

</para>

324

335

</refsect1>

325

336

326

337

327

338

<title>LOGGING</title>

328

339

<para>

332

343

and also show them on the console.

333

344

</para>

334

345

</refsect1>

335

346

336

347

337

348

<title>EXIT STATUS</title>

338

349

<para>

340

351

critical error is encountered.

341

352

</para>

342

353

</refsect1>

343

354

344

355

345

356

<title>ENVIRONMENT</title>

346

357

360

371

</varlistentry>

361

372

</variablelist>

362

373

</refsect1>

363

364

374

375

365

376

<title>FILES</title>

366

377

<para>

367

378

Use the <option>--configdir</option> option to change where

390

401

</listitem>

391

402

</varlistentry>

392

403

393

<term><filename>/var/run/mandos.pid</filename></term>

404

<term><filename>/var/run/mandos/mandos.pid</filename></term>

394

405

395

406

<para>

396

407

The file containing the process id of

431

442

Currently, if a client is declared <quote>invalid</quote> due to

432

443

having timed out, the server does not record this fact onto

433

444

permanent storage. This has some security implications, see

434

<xref linkend="clients"/>.

445

<xref linkend="CLIENTS"/>.

435

446

</para>

436

447

<para>

437

448

There is currently no way of querying the server of the current

445

456

Debug mode is conflated with running in the foreground.

446

457

</para>

447

458

<para>

448

The console log messages do not show a time stamp.

449

</para>

450

<para>

451

This server does not check the expire time of clients’ OpenPGP

452

keys.

459

The console log messages does not show a timestamp.

453

460

</para>

454

461

</refsect1>

455

462

490

497

</para>

491

498

</informalexample>

492

499

</refsect1>

493

500

494

501

495

502

<title>SECURITY</title>

496

503

497

504

<title>SERVER</title>

498

505

<para>

499

506

Running this <command>&COMMANDNAME;</command> server program

500

507

should not in itself present any security risk to the host

501

computer running it. The program switches to a non-root user

502

soon after startup.

508

computer running it. The program does not need any special

509

privileges to run, and is designed to run as a non-root user.

503

510

</para>

504

511

</refsect2>

505

512

506

513

<title>CLIENTS</title>

507

514

<para>

508

515

The server only gives out its stored data to clients which

515

522

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

516

523

<manvolnum>5</manvolnum></citerefentry>)

517

524

<emphasis>must</emphasis> be made non-readable by anyone

518

except the user starting the server (usually root).

525

except the user running the server.

519

526

</para>

520

527

<para>

521

528

As detailed in <xref linkend="checking"/>, the status of all

532

539

restarting servers if it is suspected that a client has, in

533

540

fact, been compromised by parties who may now be running a

534

541

fake Mandos client with the keys from the non-encrypted

535

initial <acronym>RAM</acronym> image of the client host. What

536

should be done in that case (if restarting the server program

537

really is necessary) is to stop the server program, edit the

542

initial RAM image of the client host. What should be done in

543

that case (if restarting the server program really is

544

necessary) is to stop the server program, edit the

538

545

configuration file to omit any suspect clients, and restart

539

546

the server program.

540

547

</para>

541

548

<para>

542

549

For more details on client-side security, see

543

<citerefentry><refentrytitle>mandos-client</refentrytitle>

550

<citerefentry><refentrytitle>password-request</refentrytitle>

544

551

<manvolnum>8mandos</manvolnum></citerefentry>.

545

552

</para>

546

553

</refsect2>

547

554

</refsect1>

548

555

549

556

550

557

551

558

<para>

554

561

555

562

<refentrytitle>mandos.conf</refentrytitle>

556

563

557

<refentrytitle>mandos-client</refentrytitle>

564

<refentrytitle>password-request</refentrytitle>

558

565

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

559

566

560

567

</citerefentry>

Older »