/mandos/trunk : revision 237.2.11

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2009-01-17 02:12:05 UTC
mto: (24.1.170 mandos) (237.4.29 release)
mto: This revision was merged to the branch mainline in revision 273.
Revision ID: teddy@fukt.bsnet.se-20090117021205-581c9f5ccub4576r

Tags: version-1.0.5-1

* Makefile (version): Changed to "1.0.5".
* NEWS (1.0.5): New entry.
* debian/changelog (1.0.5-1): - '' -

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

legalnotice.xml

mandos-ctl

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-08-30">

<!ENTITY TIMESTAMP "2009-01-04">

<!ENTITY % common SYSTEM "common.ent">

%common;

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<productnumber>&version;</productnumber>

<date>&TIMESTAMP;</date>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

<xi:include href="legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

Gives encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

109

110

<command>&COMMANDNAME;</command>

111

112

113

114

</group>

115

</cmdsynopsis>

116

122

102

<arg choice="plain"><option>--check</option></arg>

123

103

</cmdsynopsis>

124

104

</refsynopsisdiv>

125

105

126

106

127

107

<title>DESCRIPTION</title>

128

108

<para>

137

117

Any authenticated client is then given the stored pre-encrypted

138

118

password for that specific client.

139

119

</para>

140

141

120

</refsect1>

142

121

143

122

144

123

<title>PURPOSE</title>

145

146

124

<para>

147

125

The purpose of this is to enable <emphasis>remote and unattended

148

126

rebooting</emphasis> of client host computer with an

149

127

<emphasis>encrypted root file system</emphasis>. See <xref

150

128

linkend="overview"/> for details.

151

129

</para>

152

153

130

</refsect1>

154

131

155

132

156

133

<title>OPTIONS</title>

157

158

134

159

135

136

160

137

161

162

138

163

139

<para>

164

140

Show a help message and exit

165

141

</para>

166

142

</listitem>

167

143

</varlistentry>

168

144

169

145

146

<term><option>--interface</option>

147

170

148

171

149

172

<term><option>--interface</option>

173

174

150

175

151

<xi:include href="mandos-options.xml" xpointer="interface"/>

176

152

</listitem>

177

153

</varlistentry>

178

154

179

155

180

<term><literal>-a</literal>, <literal>--address <replaceable>

181

ADDRESS</replaceable></literal></term>

156

<term><option>--address

157

<replaceable>ADDRESS</replaceable></option></term>

158

<term><option>-a

159

<replaceable>ADDRESS</replaceable></option></term>

182

160

183

161

<xi:include href="mandos-options.xml" xpointer="address"/>

184

162

</listitem>

185

163

</varlistentry>

186

164

187

165

188

189

PORT</replaceable></literal></term>

166

<term><option>--port

167

168

<term><option>-p

169

190

170

191

171

<xi:include href="mandos-options.xml" xpointer="port"/>

192

172

</listitem>

193

173

</varlistentry>

194

174

195

175

196

<term><literal>--check</literal></term>

176

<term><option>--check</option></term>

197

177

198

178

<para>

199

179

Run the server’s self-tests. This includes any unit

201

181

</para>

202

182

</listitem>

203

183

</varlistentry>

204

184

205

185

206

<term><literal>--debug</literal></term>

186

<term><option>--debug</option></term>

207

187

208

188

<xi:include href="mandos-options.xml" xpointer="debug"/>

209

189

</listitem>

210

190

</varlistentry>

211

191

212

192

213

<term><literal>--priority <replaceable>

214

PRIORITY</replaceable></literal></term>

193

<term><option>--priority <replaceable>

194

PRIORITY</replaceable></option></term>

215

195

216

196

<xi:include href="mandos-options.xml" xpointer="priority"/>

217

197

</listitem>

218

198

</varlistentry>

219

199

220

200

221

<term><literal>--servicename <replaceable>NAME</replaceable>

222

</literal></term>

201

<term><option>--servicename

202

223

203

224

204

<xi:include href="mandos-options.xml"

225

205

xpointer="servicename"/>

226

206

</listitem>

227

207

</varlistentry>

228

208

229

209

230

<term><literal>--configdir <replaceable>DIR</replaceable>

231

</literal></term>

210

<term><option>--configdir

211

<replaceable>DIRECTORY</replaceable></option></term>

232

212

233

213

<para>

234

214

Directory to search for configuration files. Default is

240

220

</para>

241

221

</listitem>

242

222

</varlistentry>

243

223

244

224

245

<term><literal>--version</literal></term>

225

<term><option>--version</option></term>

246

226

247

227

<para>

248

228

Prints the program version and exit.

251

231

</varlistentry>

252

232

</variablelist>

253

233

</refsect1>

254

234

255

235

256

236

<title>OVERVIEW</title>

257

237

<xi:include href="overview.xml"/>

258

238

<para>

259

239

This program is the server part. It is a normal server program

260

240

and will run in a normal system environment, not in an initial

261

RAM disk environment.

241

<acronym>RAM</acronym> disk environment.

262

242

</para>

263

243

</refsect1>

264

244

265

245

266

246

<title>NETWORK PROTOCOL</title>

267

247

<para>

319

299

</row>

320

300

</tbody></tgroup></table>

321

301

</refsect1>

322

302

323

303

324

304

<title>CHECKING</title>

325

305

<para>

333

313

<manvolnum>5</manvolnum></citerefentry>.

334

314

</para>

335

315

</refsect1>

336

316

337

317

338

318

<title>LOGGING</title>

339

319

<para>

343

323

and also show them on the console.

344

324

</para>

345

325

</refsect1>

346

326

347

327

348

328

<title>EXIT STATUS</title>

349

329

<para>

351

331

critical error is encountered.

352

332

</para>

353

333

</refsect1>

354

334

355

335

356

336

<title>ENVIRONMENT</title>

357

337

371

351

</varlistentry>

372

352

</variablelist>

373

353

</refsect1>

374

375

354

355

376

356

<title>FILES</title>

377

357

<para>

378

358

Use the <option>--configdir</option> option to change where

401

381

</listitem>

402

382

</varlistentry>

403

383

404

<term><filename>/var/run/mandos/mandos.pid</filename></term>

384

<term><filename>/var/run/mandos.pid</filename></term>

405

385

406

386

<para>

407

387

The file containing the process id of

442

422

Currently, if a client is declared <quote>invalid</quote> due to

443

423

having timed out, the server does not record this fact onto

444

424

permanent storage. This has some security implications, see

445

<xref linkend="CLIENTS"/>.

425

<xref linkend="clients"/>.

446

426

</para>

447

427

<para>

448

428

There is currently no way of querying the server of the current

456

436

Debug mode is conflated with running in the foreground.

457

437

</para>

458

438

<para>

459

The console log messages does not show a timestamp.

439

The console log messages does not show a time stamp.

440

</para>

441

<para>

442

This server does not check the expire time of clients’ OpenPGP

443

keys.

460

444

</para>

461

445

</refsect1>

462

446

497

481

</para>

498

482

</informalexample>

499

483

</refsect1>

500

484

501

485

502

486

<title>SECURITY</title>

503

487

504

488

<title>SERVER</title>

505

489

<para>

506

490

Running this <command>&COMMANDNAME;</command> server program

507

491

should not in itself present any security risk to the host

508

computer running it. The program does not need any special

509

privileges to run, and is designed to run as a non-root user.

492

computer running it. The program switches to a non-root user

493

soon after startup.

510

494

</para>

511

495

</refsect2>

512

496

513

497

<title>CLIENTS</title>

514

498

<para>

515

499

The server only gives out its stored data to clients which

522

506

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

523

507

<manvolnum>5</manvolnum></citerefentry>)

524

508

<emphasis>must</emphasis> be made non-readable by anyone

525

except the user running the server.

509

except the user starting the server (usually root).

526

510

</para>

527

511

<para>

528

512

As detailed in <xref linkend="checking"/>, the status of all

539

523

restarting servers if it is suspected that a client has, in

540

524

fact, been compromised by parties who may now be running a

541

525

fake Mandos client with the keys from the non-encrypted

542

initial RAM image of the client host. What should be done in

543

that case (if restarting the server program really is

544

necessary) is to stop the server program, edit the

526

initial <acronym>RAM</acronym> image of the client host. What

527

should be done in that case (if restarting the server program

528

really is necessary) is to stop the server program, edit the

545

529

configuration file to omit any suspect clients, and restart

546

530

the server program.

547

531

</para>

548

532

<para>

549

533

For more details on client-side security, see

550

<citerefentry><refentrytitle>password-request</refentrytitle>

534

<citerefentry><refentrytitle>mandos-client</refentrytitle>

551

535

<manvolnum>8mandos</manvolnum></citerefentry>.

552

536

</para>

553

537

</refsect2>

554

538

</refsect1>

555

539

556

540

557

541

558

542

<para>

561

545

562

546

<refentrytitle>mandos.conf</refentrytitle>

563

547

564

<refentrytitle>password-request</refentrytitle>

548

<refentrytitle>mandos-client</refentrytitle>

565

549

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

566

550

567

551

</citerefentry>

Older »