/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-request.xml

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzrignore

COPYING

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.xml

plugins.d/password-prompt.xml

plugins.d/password-request.xml

plugins.d/usplash

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/password-request.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/password-request.xml

<?xml version="1.0" encoding="UTF-8"?>

<?xml-stylesheet type="text/xsl"

href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "password-request">

<!ENTITY TIMESTAMP "2008-08-31">

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

<manvolnum>8mandos</manvolnum>

</refmeta>

<refname><command>&COMMANDNAME;</command></refname>

Client for mandos

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<group>

<arg choice="plain"><option>--connect

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

<arg choice="plain"><option>-c

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--keydir

<replaceable>DIRECTORY</replaceable></option></arg>

<arg choice="plain"><option>-d

<replaceable>DIRECTORY</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--interface

<arg choice="plain"><option>-i

100

</group>

101

<sbr/>

102

<group>

103

<arg choice="plain"><option>--pubkey

104

105

<arg choice="plain"><option>-p

106

107

</group>

108

<sbr/>

109

<group>

110

<arg choice="plain"><option>--seckey

111

112

<arg choice="plain"><option>-s

113

114

</group>

115

<sbr/>

116

<arg>

117

<option>--priority <replaceable>STRING</replaceable></option>

118

</arg>

119

<sbr/>

120

<arg>

121

122

</arg>

123

<sbr/>

124

<arg>

125

<option>--debug</option>

126

</arg>

127

</cmdsynopsis>

128

129

<command>&COMMANDNAME;</command>

130

131

132

133

</group>

134

</cmdsynopsis>

135

136

<command>&COMMANDNAME;</command>

137

<arg choice="plain"><option>--usage</option></arg>

138

</cmdsynopsis>

139

140

<command>&COMMANDNAME;</command>

141

142

<arg choice="plain"><option>--version</option></arg>

143

144

</group>

145

</cmdsynopsis>

146

</refsynopsisdiv>

147

148

149

<title>DESCRIPTION</title>

150

<para>

151

<command>&COMMANDNAME;</command> is a mandos plugin that works

152

like a client program that through avahi detects mandos servers,

153

sets up a gnutls connect and request a encrypted password. Any

154

passwords given is automaticly decrypted and passed to

155

cryptsetup.

156

</para>

157

</refsect1>

158

159

160

<title>OPTIONS</title>

161

<para>

162

Commonly not invoked as command lines but from configuration

163

file of plugin runner.

164

</para>

165

166

167

168

<term><option>--connect=<replaceable

169

>IPADDR</replaceable><literal>:</literal><replaceable

170

>PORT</replaceable></option></term>

171

<term><option>-c

172

<replaceable>IPADDR</replaceable><literal>:</literal

173

><replaceable>PORT</replaceable></option></term>

174

175

<para>

176

Connect directly to a specified mandos server

177

</para>

178

</listitem>

179

</varlistentry>

180

181

182

<term><option>--keydir=<replaceable

183

>DIRECTORY</replaceable></option></term>

184

<term><option>-d

185

<replaceable>DIRECTORY</replaceable></option></term>

186

187

<para>

188

Directory where the openpgp keyring is

189

</para>

190

</listitem>

191

</varlistentry>

192

193

194

<term><option>--interface=

195

196

<term><option>-i

197

198

199

<para>

200

Interface that Avahi will connect through

201

</para>

202

</listitem>

203

</varlistentry>

204

205

206

<term><option>--pubkey=<replaceable

207

>FILE</replaceable></option></term>

208

<term><option>-p

209

210

211

<para>

212

Public openpgp key for gnutls authentication

213

</para>

214

</listitem>

215

</varlistentry>

216

217

218

<term><option>--seckey=<replaceable

219

>FILE</replaceable></option></term>

220

<term><option>-s

221

222

223

<para>

224

Secret OpenPGP key for GnuTLS authentication

225

</para>

226

</listitem>

227

</varlistentry>

228

229

230

<term><option>--priority=<replaceable

231

>STRING</replaceable></option></term>

232

233

<para>

234

GnuTLS priority

235

</para>

236

</listitem>

237

</varlistentry>

238

239

240

<term><option>--dh-bits=<replaceable

241

>BITS</replaceable></option></term>

242

243

<para>

244

DH bits to use in gnutls communication

245

</para>

246

</listitem>

247

</varlistentry>

248

249

250

<term><option>--debug</option></term>

251

252

<para>

253

Debug mode

254

</para>

255

</listitem>

256

</varlistentry>

257

258

259

260

261

262

<para>

263

Gives a help message

264

</para>

265

</listitem>

266

</varlistentry>

267

268

269

<term><option>--usage</option></term>

270

271

<para>

272

Gives a short usage message

273

</para>

274

</listitem>

275

</varlistentry>

276

277

278

<term><option>--version</option></term>

279

280

281

<para>

282

Prints the program version

283

</para>

284

</listitem>

285

</varlistentry>

286

</variablelist>

287

</refsect1>

288

289

290

<title>EXIT STATUS</title>

291

<para>

292

</para>

293

</refsect1>

294

295

296

<title>ENVIRONMENT</title>

297

<para>

298

</para>

299

</refsect1>

300

301

302

<title>FILES</title>

303

<para>

304

</para>

305

</refsect1>

306

307

308

309

<para>

310

</para>

311

</refsect1>

312

313

314

<title>EXAMPLE</title>

315

<para>

316

</para>

317

</refsect1>

318

319

320

<title>SECURITY</title>

321

<para>

322

</para>

323

</refsect1>

324

325

326

327

<para>

328

<citerefentry><refentrytitle>mandos</refentrytitle>

329

<manvolnum>8</manvolnum></citerefentry>,

330

<citerefentry><refentrytitle>password-prompt</refentrytitle>

331

<manvolnum>8mandos</manvolnum></citerefentry>,

332

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

333

<manvolnum>8mandos</manvolnum></citerefentry>

334

</para>

335

336

337

<ulink url="http://www.zeroconf.org/">Zeroconf</ulink>

338

</para></listitem>

339

340

341

<ulink url="http://www.avahi.org/">Avahi</ulink>

342

</para></listitem>

343

344

345

<ulink

346

url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>

347

</para></listitem>

348

349

350

<ulink

351

url="http://www.gnupg.org/related_software/gpgme/">

352

GPGME</ulink>

353

</para></listitem>

354

355

356

<citation>RFC 4880: <citetitle>OpenPGP Message

357

Format</citetitle></citation>

358

</para></listitem>

359

360

361

<citation>RFC 5081: <citetitle>Using OpenPGP Keys for

362

Transport Layer Security</citetitle></citation>

363

</para></listitem>

364

365

366

<citation>RFC 4291: <citetitle>IP Version 6 Addressing

367

Architecture</citetitle>, section 2.5.6, Link-Local IPv6

368

Unicast Addresses</citation>

369

</para></listitem>

370

</itemizedlist>

371

</refsect1>

372

373

</refentry>

374

375

376

377

378

Older »