/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-request.xml

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzrignore

COPYING

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.xml

plugins.d/password-prompt.xml

plugins.d/password-request.xml

plugins.d/usplash

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/password-request.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/password-request.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "password-request">

<!ENTITY TIMESTAMP "2008-08-31">

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<xi:include href="../legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

<manvolnum>8mandos</manvolnum>

</refmeta>

<refname><command>&COMMANDNAME;</command></refname>

Client for mandos

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<group>

<arg choice="plain"><option>--connect

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

<arg choice="plain"><option>-c

<replaceable>IPADDR</replaceable><literal>:</literal

><replaceable>PORT</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--keydir

<replaceable>DIRECTORY</replaceable></option></arg>

<arg choice="plain"><option>-d

<replaceable>DIRECTORY</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--interface

<arg choice="plain"><option>-i

</group>

<sbr/>

<group>

<arg choice="plain"><option>--pubkey

<arg choice="plain"><option>-p

</group>

<sbr/>

<group>

<arg choice="plain"><option>--seckey

<arg choice="plain"><option>-s

</group>

<sbr/>

<arg>

<option>--priority <replaceable>STRING</replaceable></option>

</arg>

<sbr/>

<arg>

</arg>

<sbr/>

100

<arg>

101

<option>--debug</option>

102

</arg>

103

</cmdsynopsis>

104

105

<command>&COMMANDNAME;</command>

106

107

108

109

</group>

110

</cmdsynopsis>

111

112

<command>&COMMANDNAME;</command>

113

<arg choice="plain"><option>--usage</option></arg>

114

</cmdsynopsis>

115

116

<command>&COMMANDNAME;</command>

117

118

<arg choice="plain"><option>--version</option></arg>

119

120

</group>

121

</cmdsynopsis>

122

</refsynopsisdiv>

123

124

125

<title>DESCRIPTION</title>

126

<para>

127

<command>&COMMANDNAME;</command> is a mandos plugin that works

128

like a client program that through avahi detects mandos servers,

129

sets up a gnutls connect and request a encrypted password. Any

130

passwords given is automaticly decrypted and passed to

131

cryptsetup.

132

</para>

133

</refsect1>

134

135

136

<title>OPTIONS</title>

137

<para>

138

Commonly not invoked as command lines but from configuration

139

file of plugin runner.

140

</para>

141

142

143

144

<term><option>--connect=<replaceable

145

>IPADDR</replaceable><literal>:</literal><replaceable

146

>PORT</replaceable></option></term>

147

<term><option>-c

148

<replaceable>IPADDR</replaceable><literal>:</literal

149

><replaceable>PORT</replaceable></option></term>

150

151

<para>

152

Connect directly to a specified mandos server

153

</para>

154

</listitem>

155

</varlistentry>

156

157

158

<term><option>--keydir=<replaceable

159

>DIRECTORY</replaceable></option></term>

160

<term><option>-d

161

<replaceable>DIRECTORY</replaceable></option></term>

162

163

<para>

164

Directory where the openpgp keyring is

165

</para>

166

</listitem>

167

</varlistentry>

168

169

170

<term><option>--interface=

171

172

<term><option>-i

173

174

175

<para>

176

Interface that Avahi will connect through

177

</para>

178

</listitem>

179

</varlistentry>

180

181

182

<term><option>--pubkey=<replaceable

183

>FILE</replaceable></option></term>

184

<term><option>-p

185

186

187

<para>

188

Public openpgp key for gnutls authentication

189

</para>

190

</listitem>

191

</varlistentry>

192

193

194

<term><option>--seckey=<replaceable

195

>FILE</replaceable></option></term>

196

<term><option>-s

197

198

199

<para>

200

Secret OpenPGP key for GnuTLS authentication

201

</para>

202

</listitem>

203

</varlistentry>

204

205

206

<term><option>--priority=<replaceable

207

>STRING</replaceable></option></term>

208

209

<para>

210

GnuTLS priority

211

</para>

212

</listitem>

213

</varlistentry>

214

215

216

<term><option>--dh-bits=<replaceable

217

>BITS</replaceable></option></term>

218

219

<para>

220

DH bits to use in gnutls communication

221

</para>

222

</listitem>

223

</varlistentry>

224

225

226

<term><option>--debug</option></term>

227

228

<para>

229

Debug mode

230

</para>

231

</listitem>

232

</varlistentry>

233

234

235

236

237

238

<para>

239

Gives a help message

240

</para>

241

</listitem>

242

</varlistentry>

243

244

245

<term><option>--usage</option></term>

246

247

<para>

248

Gives a short usage message

249

</para>

250

</listitem>

251

</varlistentry>

252

253

254

<term><option>--version</option></term>

255

256

257

<para>

258

Prints the program version

259

</para>

260

</listitem>

261

</varlistentry>

262

</variablelist>

263

</refsect1>

264

265

266

<title>EXIT STATUS</title>

267

<para>

268

</para>

269

</refsect1>

270

271

272

<title>ENVIRONMENT</title>

273

<para>

274

</para>

275

</refsect1>

276

277

278

<title>FILES</title>

279

<para>

280

</para>

281

</refsect1>

282

283

284

285

<para>

286

</para>

287

</refsect1>

288

289

290

<title>EXAMPLE</title>

291

<para>

292

</para>

293

</refsect1>

294

295

296

<title>SECURITY</title>

297

<para>

298

</para>

299

</refsect1>

300

301

302

303

<para>

304

<citerefentry><refentrytitle>mandos</refentrytitle>

305

<manvolnum>8</manvolnum></citerefentry>,

306

<citerefentry><refentrytitle>password-prompt</refentrytitle>

307

<manvolnum>8mandos</manvolnum></citerefentry>,

308

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

309

<manvolnum>8mandos</manvolnum></citerefentry>

310

</para>

311

312

313

<ulink url="http://www.zeroconf.org/">Zeroconf</ulink>

314

</para></listitem>

315

316

317

<ulink url="http://www.avahi.org/">Avahi</ulink>

318

</para></listitem>

319

320

321

<ulink

322

url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>

323

</para></listitem>

324

325

326

<ulink

327

url="http://www.gnupg.org/related_software/gpgme/">

328

GPGME</ulink>

329

</para></listitem>

330

331

332

<citation>RFC 4880: <citetitle>OpenPGP Message

333

Format</citetitle></citation>

334

</para></listitem>

335

336

337

<citation>RFC 5081: <citetitle>Using OpenPGP Keys for

338

Transport Layer Security</citetitle></citation>

339

</para></listitem>

340

341

342

<citation>RFC 4291: <citetitle>IP Version 6 Addressing

343

Architecture</citetitle>, section 2.5.6, Link-Local IPv6

344

Unicast Addresses</citation>

345

</para></listitem>

346

</itemizedlist>

347

</refsect1>

348

349

</refentry>

350

351

352

353

354

Older »