/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-clients.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-09-03 17:34:29 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080903173429-db2mjtddf7mgbx8z
* plugins.d/password-request.xml (OVERVIEW): Refer to
                                             password-prompt(8) by
                                             name.
  (SECURITY): Improved wording.  Add paragraph about insecurity of
              ping.
  (SEE ALSO): Add references to cryptsetup(8) and crypttab(5).
              Changed to be a <variablelist> and added text.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-clients.conf.xml
1
 
<?xml version='1.0' encoding='UTF-8'?>
 
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY VERSION "1.0">
5
5
<!ENTITY CONFNAME "mandos-clients.conf">
6
6
<!ENTITY CONFPATH "<filename>/etc/mandos/clients.conf</filename>">
 
7
<!ENTITY TIMESTAMP "2008-08-31">
7
8
]>
8
9
 
9
 
<refentry>
 
10
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
10
11
  <refentryinfo>
11
 
    <title>&CONFNAME;</title>
 
12
    <title>Mandos Manual</title>
12
13
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
13
 
    <productname>&CONFNAME;</productname>
 
14
    <productname>Mandos</productname>
14
15
    <productnumber>&VERSION;</productnumber>
 
16
    <date>&TIMESTAMP;</date>
15
17
    <authorgroup>
16
18
      <author>
17
19
        <firstname>Björn</firstname>
33
35
      <holder>Teddy Hogeborn</holder>
34
36
      <holder>Björn Påhlsson</holder>
35
37
    </copyright>
36
 
    <legalnotice>
37
 
      <para>
38
 
        This manual page is free software: you can redistribute it
39
 
        and/or modify it under the terms of the GNU General Public
40
 
        License as published by the Free Software Foundation,
41
 
        either version 3 of the License, or (at your option) any
42
 
        later version.
43
 
      </para>
44
 
 
45
 
      <para>
46
 
        This manual page is distributed in the hope that it will
47
 
        be useful, but WITHOUT ANY WARRANTY; without even the
48
 
        implied warranty of MERCHANTABILITY or FITNESS FOR A
49
 
        PARTICULAR PURPOSE.  See the GNU General Public License
50
 
        for more details.
51
 
      </para>
52
 
 
53
 
      <para>
54
 
        You should have received a copy of the GNU General Public
55
 
        License along with this program; If not, see
56
 
        <ulink url="http://www.gnu.org/licenses/"/>.
57
 
      </para>
58
 
    </legalnotice>
 
38
    <xi:include href="legalnotice.xml"/>
59
39
  </refentryinfo>
60
40
 
61
41
  <refmeta>
71
51
  </refnamediv>
72
52
 
73
53
  <refsynopsisdiv>
74
 
    <synopsis>
75
 
      &CONFPATH;
76
 
    </synopsis>
 
54
    <synopsis>&CONFPATH;</synopsis>
77
55
  </refsynopsisdiv>
78
56
 
79
57
  <refsect1 id="description">
121
99
    <variablelist>
122
100
 
123
101
      <varlistentry>
124
 
        <term><literal><varname>timeout</varname></literal></term>
 
102
        <term><option>timeout<literal> = </literal><replaceable
 
103
        >TIME</replaceable></option></term>
125
104
        <listitem>
126
 
          <synopsis><literal>timeout = </literal><replaceable
127
 
          >TIME</replaceable>
128
 
          </synopsis>
129
105
          <para>
130
106
            The timeout is how long the server will wait for a
131
107
            successful checker run until a client is considered
149
125
      </varlistentry>
150
126
 
151
127
      <varlistentry>
152
 
        <term><literal><varname>interval</varname></literal></term>
 
128
        <term><option>interval<literal> = </literal><replaceable
 
129
        >TIME</replaceable></option></term>
153
130
        <listitem>
154
 
          <synopsis><literal>interval = </literal><replaceable
155
 
          >TIME</replaceable>
156
 
          </synopsis>
157
131
          <para>
158
132
            How often to run the checker to confirm that a client is
159
133
            still up.  <emphasis>Note:</emphasis> a new checker will
168
142
            as for <varname>timeout</varname> above.
169
143
          </para>
170
144
        </listitem>
171
 
      </varlistentry>      
 
145
      </varlistentry>
172
146
 
173
147
      <varlistentry>
174
 
        <term><literal>checker</literal></term>
 
148
        <term><option>checker<literal> = </literal><replaceable
 
149
        >COMMAND</replaceable></option></term>
175
150
        <listitem>
176
 
          <synopsis><literal>checker = </literal><replaceable
177
 
          >COMMAND</replaceable>
178
 
          </synopsis>
179
151
          <para>
180
152
            This option allows you to override the default shell
181
153
            command that the server will use to check if the client is
198
170
      </varlistentry>
199
171
      
200
172
      <varlistentry>
201
 
        <term><literal>fingerprint</literal></term>
 
173
        <term><option>fingerprint<literal> = </literal
 
174
        ><replaceable>HEXSTRING</replaceable></option></term>
202
175
        <listitem>
203
 
          <synopsis><literal>fingerprint = </literal><replaceable
204
 
          >HEXSTRING</replaceable>
205
 
          </synopsis>
206
176
          <para>
207
177
            This option sets the OpenPGP fingerprint that identifies
208
178
            the public key that clients authenticate themselves with
213
183
      </varlistentry>
214
184
      
215
185
      <varlistentry>
216
 
        <term><literal>secret</literal></term>
 
186
        <term><option>secret<literal> = </literal><replaceable
 
187
        >BASE64_ENCODED_DATA</replaceable></option></term>
217
188
        <listitem>
218
 
          <synopsis><literal>secret = </literal><replaceable
219
 
          >BASE64_ENCODED_DATA</replaceable>
220
 
          </synopsis>
221
189
          <para>
222
190
            If present, this option must be set to a string of
223
191
            base64-encoded binary data.  It will be decoded and sent
245
213
      </varlistentry>
246
214
 
247
215
      <varlistentry>
248
 
        <term><literal>secfile</literal></term>
 
216
        <term><option>secfile<literal> = </literal><replaceable
 
217
        >FILENAME</replaceable></option></term>
249
218
        <listitem>
250
 
          <synopsis><literal>secfile = </literal><replaceable
251
 
          >FILENAME</replaceable>
252
 
          </synopsis>
253
219
          <para>
254
 
            The same as <option>secret</option>, but the secret data
255
 
            is in an external file.  The contents of the file should
256
 
            <emphasis>not</emphasis> be base64-encoded, but will be
257
 
            sent to clients verbatim.
 
220
            Similar to the <option>secret</option>, except the secret
 
221
            data is in an external file.  The contents of the file
 
222
            should <emphasis>not</emphasis> be base64-encoded, but
 
223
            will be sent to clients verbatim.
258
224
          </para>
259
225
          <para>
260
226
            This option is only used, and <emphasis>must</emphasis> be
264
230
      </varlistentry>
265
231
 
266
232
      <varlistentry>
267
 
        <term><literal>host</literal></term>
 
233
        <term><option><literal>host = </literal><replaceable
 
234
        >STRING</replaceable></option></term>
268
235
        <listitem>
269
 
          <synopsis><literal>host = </literal><replaceable
270
 
          >STRING</replaceable>
271
 
          </synopsis>
272
236
          <para>
273
237
            Host name for this client.  This is not used by the server
274
238
            directly, but can be, and is by default, used by the
278
242
      </varlistentry>
279
243
      
280
244
    </variablelist>
281
 
  </refsect1>  
 
245
  </refsect1>
282
246
  
283
247
  <refsect1 id="expansion">
284
248
    <title>EXPANSION</title>
327
291
        percent characters in a row (<quote>%%%%</quote>) must be
328
292
        entered.  Also, a bad format here will lead to an immediate
329
293
        but <emphasis>silent</emphasis> run-time fatal exit; debug
330
 
        mode is needed to track down an error of this kind.
 
294
        mode is needed to expose an error of this kind.
331
295
      </para>
332
296
    </refsect2>
333
297
 
334
 
  </refsect1>  
 
298
  </refsect1>
335
299
  
336
300
  <refsect1 id="files">
337
301
    <title>FILES</title>
393
357
 
394
358
      </programlisting>
395
359
    </informalexample>
396
 
  </refsect1>  
 
360
  </refsect1>
397
361
  
398
362
  <refsect1 id="see_also">
399
363
    <title>SEE ALSO</title>
400
364
    <para>
401
 
      <citerefentry>
402
 
        <refentrytitle>mandos</refentrytitle>
403
 
        <manvolnum>8</manvolnum></citerefentry>, <citerefentry>
404
 
        <refentrytitle>mandos-keygen</refentrytitle>
405
 
        <manvolnum>8</manvolnum></citerefentry>, <citerefentry>
406
 
        <refentrytitle>mandos.conf</refentrytitle>
407
 
        <manvolnum>5</manvolnum></citerefentry>
 
365
      <citerefentry><refentrytitle>mandos-keygen</refentrytitle>
 
366
      <manvolnum>8</manvolnum></citerefentry>,
 
367
      <citerefentry><refentrytitle>mandos.conf</refentrytitle>
 
368
      <manvolnum>5</manvolnum></citerefentry>,
 
369
      <citerefentry><refentrytitle>mandos</refentrytitle>
 
370
      <manvolnum>8</manvolnum></citerefentry>
408
371
    </para>
409
372
  </refsect1>
410
373
</refentry>
 
374
<!-- Local Variables: -->
 
375
<!-- time-stamp-start: "<!ENTITY TIMESTAMP [\"']" -->
 
376
<!-- time-stamp-end: "[\"']>" -->
 
377
<!-- time-stamp-format: "%:y-%02m-%02d" -->
 
378
<!-- End: -->