/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-request.xml

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzrignore

COPYING

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.xml

plugins.d/password-prompt.xml

plugins.d/password-request.xml

plugins.d/usplash

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/password-request.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/password-request.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "password-request">

<!ENTITY TIMESTAMP "2008-08-31">

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

<manvolnum>8mandos</manvolnum>

</refmeta>

<refname><command>&COMMANDNAME;</command></refname>

Client for mandos

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<group>

<arg choice="plain"><option>--connect

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

<arg choice="plain"><option>-c

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--keydir

<replaceable>DIRECTORY</replaceable></option></arg>

<arg choice="plain"><option>-d

<replaceable>DIRECTORY</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--interface

<arg choice="plain"><option>-i

</group>

<sbr/>

100

<group>

101

<arg choice="plain"><option>--pubkey

102

103

<arg choice="plain"><option>-p

104

105

</group>

106

<sbr/>

107

<group>

108

<arg choice="plain"><option>--seckey

109

110

<arg choice="plain"><option>-s

111

112

</group>

113

<sbr/>

114

<arg>

115

<option>--priority <replaceable>STRING</replaceable></option>

116

</arg>

117

<sbr/>

118

<arg>

119

120

</arg>

121

<sbr/>

122

<arg>

123

<option>--debug</option>

124

</arg>

125

</cmdsynopsis>

126

127

<command>&COMMANDNAME;</command>

128

129

130

131

</group>

132

</cmdsynopsis>

133

134

<command>&COMMANDNAME;</command>

135

<arg choice="plain"><option>--usage</option></arg>

136

</cmdsynopsis>

137

138

<command>&COMMANDNAME;</command>

139

140

<arg choice="plain"><option>--version</option></arg>

141

142

</group>

143

</cmdsynopsis>

144

</refsynopsisdiv>

145

146

147

<title>DESCRIPTION</title>

148

<para>

149

<command>&COMMANDNAME;</command> is a mandos plugin that works

150

like a client program that through avahi detects mandos servers,

151

sets up a gnutls connect and request a encrypted password. Any

152

passwords given is automaticly decrypted and passed to

153

cryptsetup.

154

</para>

155

</refsect1>

156

157

158

<title>OPTIONS</title>

159

<para>

160

Commonly not invoked as command lines but from configuration

161

file of plugin runner.

162

</para>

163

164

165

166

<term><option>--connect=<replaceable

167

>IPADDR</replaceable><literal>:</literal><replaceable

168

>PORT</replaceable></option></term>

169

<term><option>-c

170

<replaceable>IPADDR</replaceable><literal>:</literal

171

><replaceable>PORT</replaceable></option></term>

172

173

<para>

174

Connect directly to a specified mandos server

175

</para>

176

</listitem>

177

</varlistentry>

178

179

180

<term><option>--keydir=<replaceable

181

>DIRECTORY</replaceable></option></term>

182

<term><option>-d

183

<replaceable>DIRECTORY</replaceable></option></term>

184

185

<para>

186

Directory where the openpgp keyring is

187

</para>

188

</listitem>

189

</varlistentry>

190

191

192

<term><option>--interface=

193

194

<term><option>-i

195

196

197

<para>

198

Interface that Avahi will connect through

199

</para>

200

</listitem>

201

</varlistentry>

202

203

204

<term><option>--pubkey=<replaceable

205

>FILE</replaceable></option></term>

206

<term><option>-p

207

208

209

<para>

210

Public openpgp key for gnutls authentication

211

</para>

212

</listitem>

213

</varlistentry>

214

215

216

<term><option>--seckey=<replaceable

217

>FILE</replaceable></option></term>

218

<term><option>-s

219

220

221

<para>

222

Secret OpenPGP key for GnuTLS authentication

223

</para>

224

</listitem>

225

</varlistentry>

226

227

228

<term><option>--priority=<replaceable

229

>STRING</replaceable></option></term>

230

231

<para>

232

GnuTLS priority

233

</para>

234

</listitem>

235

</varlistentry>

236

237

238

<term><option>--dh-bits=<replaceable

239

>BITS</replaceable></option></term>

240

241

<para>

242

DH bits to use in gnutls communication

243

</para>

244

</listitem>

245

</varlistentry>

246

247

248

<term><option>--debug</option></term>

249

250

<para>

251

Debug mode

252

</para>

253

</listitem>

254

</varlistentry>

255

256

257

258

259

260

<para>

261

Gives a help message

262

</para>

263

</listitem>

264

</varlistentry>

265

266

267

<term><option>--usage</option></term>

268

269

<para>

270

Gives a short usage message

271

</para>

272

</listitem>

273

</varlistentry>

274

275

276

<term><option>--version</option></term>

277

278

279

<para>

280

Prints the program version

281

</para>

282

</listitem>

283

</varlistentry>

284

</variablelist>

285

</refsect1>

286

287

288

<title>EXIT STATUS</title>

289

<para>

290

</para>

291

</refsect1>

292

293

294

<title>ENVIRONMENT</title>

295

<para>

296

</para>

297

</refsect1>

298

299

300

<title>FILES</title>

301

<para>

302

</para>

303

</refsect1>

304

305

306

307

<para>

308

</para>

309

</refsect1>

310

311

312

<title>EXAMPLE</title>

313

<para>

314

</para>

315

</refsect1>

316

317

318

<title>SECURITY</title>

319

<para>

320

</para>

321

</refsect1>

322

323

324

325

<para>

326

<citerefentry><refentrytitle>mandos</refentrytitle>

327

<manvolnum>8</manvolnum></citerefentry>,

328

<citerefentry><refentrytitle>password-prompt</refentrytitle>

329

<manvolnum>8mandos</manvolnum></citerefentry>,

330

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

331

<manvolnum>8mandos</manvolnum></citerefentry>

332

</para>

333

334

335

<ulink url="http://www.zeroconf.org/">Zeroconf</ulink>

336

</para></listitem>

337

338

339

<ulink url="http://www.avahi.org/">Avahi</ulink>

340

</para></listitem>

341

342

343

<ulink

344

url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>

345

</para></listitem>

346

347

348

<ulink

349

url="http://www.gnupg.org/related_software/gpgme/">

350

GPGME</ulink>

351

</para></listitem>

352

353

354

<citation>RFC 4880: <citetitle>OpenPGP Message

355

Format</citetitle></citation>

356

</para></listitem>

357

358

359

<citation>RFC 5081: <citetitle>Using OpenPGP Keys for

360

Transport Layer Security</citetitle></citation>

361

</para></listitem>

362

363

364

<citation>RFC 4291: <citetitle>IP Version 6 Addressing

365

Architecture</citetitle>, section 2.5.6, Link-Local IPv6

366

Unicast Addresses</citation>

367

</para></listitem>

368

</itemizedlist>

369

</refsect1>

370

371

</refentry>

372

373

374

375

376

Older »