/mandos/trunk : revision 237.2.17

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2009-02-25 01:21:37 UTC
mfrom: (323 mandos)
mto: (24.1.170 mandos) (237.4.29 release)
mto: This revision was merged to the branch mainline in revision 324.
Revision ID: teddy@fukt.bsnet.se-20090225012137-2pgnggykq7zhy2i0

Merge from trunk. Bug fix for initramfs-tools-hook.

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

legalnotice.xml

mandos-ctl

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-08-30">

<!ENTITY TIMESTAMP "2009-02-24">

<!ENTITY % common SYSTEM "common.ent">

%common;

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<productnumber>&version;</productnumber>

<date>&TIMESTAMP;</date>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

<xi:include href="legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

Gives encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

105

<replaceable>DIRECTORY</replaceable></option></arg>

106

<sbr/>

107

<arg><option>--debug</option></arg>

<sbr/>

108

</cmdsynopsis>

109

110

<command>&COMMANDNAME;</command>

111

112

113

114

</group>

115

</cmdsynopsis>

116

122

104

<arg choice="plain"><option>--check</option></arg>

123

105

</cmdsynopsis>

124

106

</refsynopsisdiv>

125

107

126

108

127

109

<title>DESCRIPTION</title>

128

110

<para>

137

119

Any authenticated client is then given the stored pre-encrypted

138

120

password for that specific client.

139

121

</para>

140

141

122

</refsect1>

142

123

143

124

144

125

<title>PURPOSE</title>

145

146

126

<para>

147

127

The purpose of this is to enable <emphasis>remote and unattended

148

128

rebooting</emphasis> of client host computer with an

149

129

<emphasis>encrypted root file system</emphasis>. See <xref

150

130

linkend="overview"/> for details.

151

131

</para>

152

153

132

</refsect1>

154

133

155

134

156

135

<title>OPTIONS</title>

157

158

136

159

137

138

160

139

161

162

140

163

141

<para>

164

142

Show a help message and exit

165

143

</para>

166

144

</listitem>

167

145

</varlistentry>

168

146

169

147

148

<term><option>--interface</option>

149

170

150

171

151

172

<term><option>--interface</option>

173

174

152

175

153

<xi:include href="mandos-options.xml" xpointer="interface"/>

176

154

</listitem>

177

155

</varlistentry>

178

156

179

157

180

<term><literal>-a</literal>, <literal>--address <replaceable>

181

ADDRESS</replaceable></literal></term>

158

<term><option>--address

159

<replaceable>ADDRESS</replaceable></option></term>

160

<term><option>-a

161

<replaceable>ADDRESS</replaceable></option></term>

182

162

183

163

<xi:include href="mandos-options.xml" xpointer="address"/>

184

164

</listitem>

185

165

</varlistentry>

186

166

187

167

188

189

PORT</replaceable></literal></term>

168

<term><option>--port

169

170

<term><option>-p

171

190

172

191

173

<xi:include href="mandos-options.xml" xpointer="port"/>

192

174

</listitem>

193

175

</varlistentry>

194

176

195

177

196

<term><literal>--check</literal></term>

178

<term><option>--check</option></term>

197

179

198

180

<para>

199

181

Run the server’s self-tests. This includes any unit

201

183

</para>

202

184

</listitem>

203

185

</varlistentry>

204

186

205

187

206

<term><literal>--debug</literal></term>

188

<term><option>--debug</option></term>

207

189

208

190

<xi:include href="mandos-options.xml" xpointer="debug"/>

209

191

</listitem>

210

192

</varlistentry>

211

193

212

194

213

<term><literal>--priority <replaceable>

214

PRIORITY</replaceable></literal></term>

195

<term><option>--priority <replaceable>

196

PRIORITY</replaceable></option></term>

215

197

216

198

<xi:include href="mandos-options.xml" xpointer="priority"/>

217

199

</listitem>

218

200

</varlistentry>

219

201

220

202

221

<term><literal>--servicename <replaceable>NAME</replaceable>

222

</literal></term>

203

<term><option>--servicename

204

223

205

224

206

<xi:include href="mandos-options.xml"

225

207

xpointer="servicename"/>

226

208

</listitem>

227

209

</varlistentry>

228

210

229

211

230

<term><literal>--configdir <replaceable>DIR</replaceable>

231

</literal></term>

212

<term><option>--configdir

213

<replaceable>DIRECTORY</replaceable></option></term>

232

214

233

215

<para>

234

216

Directory to search for configuration files. Default is

240

222

</para>

241

223

</listitem>

242

224

</varlistentry>

243

225

244

226

245

<term><literal>--version</literal></term>

227

<term><option>--version</option></term>

246

228

247

229

<para>

248

230

Prints the program version and exit.

249

231

</para>

250

232

</listitem>

251

233

</varlistentry>

234

235

236

237

238

<xi:include href="mandos-options.xml" xpointer="ipv6"/>

239

</listitem>

240

</varlistentry>

252

241

</variablelist>

253

242

</refsect1>

254

243

255

244

256

245

<title>OVERVIEW</title>

257

246

<xi:include href="overview.xml"/>

258

247

<para>

259

248

This program is the server part. It is a normal server program

260

249

and will run in a normal system environment, not in an initial

261

RAM disk environment.

250

<acronym>RAM</acronym> disk environment.

262

251

</para>

263

252

</refsect1>

264

253

265

254

266

255

<title>NETWORK PROTOCOL</title>

267

256

<para>

319

308

</row>

320

309

</tbody></tgroup></table>

321

310

</refsect1>

322

311

323

312

324

313

<title>CHECKING</title>

325

314

<para>

333

322

<manvolnum>5</manvolnum></citerefentry>.

334

323

</para>

335

324

</refsect1>

336

325

337

326

338

327

<title>LOGGING</title>

339

328

<para>

343

332

and also show them on the console.

344

333

</para>

345

334

</refsect1>

346

335

347

336

348

337

<title>EXIT STATUS</title>

349

338

<para>

351

340

critical error is encountered.

352

341

</para>

353

342

</refsect1>

354

343

355

344

356

345

<title>ENVIRONMENT</title>

357

346

371

360

</varlistentry>

372

361

</variablelist>

373

362

</refsect1>

374

375

363

364

376

365

<title>FILES</title>

377

366

<para>

378

367

Use the <option>--configdir</option> option to change where

401

390

</listitem>

402

391

</varlistentry>

403

392

404

<term><filename>/var/run/mandos/mandos.pid</filename></term>

393

<term><filename>/var/run/mandos.pid</filename></term>

405

394

406

395

<para>

407

396

The file containing the process id of

442

431

Currently, if a client is declared <quote>invalid</quote> due to

443

432

having timed out, the server does not record this fact onto

444

433

permanent storage. This has some security implications, see

445

<xref linkend="CLIENTS"/>.

434

<xref linkend="clients"/>.

446

435

</para>

447

436

<para>

448

437

There is currently no way of querying the server of the current

456

445

Debug mode is conflated with running in the foreground.

457

446

</para>

458

447

<para>

459

The console log messages does not show a timestamp.

448

The console log messages do not show a time stamp.

449

</para>

450

<para>

451

This server does not check the expire time of clients’ OpenPGP

452

keys.

460

453

</para>

461

454

</refsect1>

462

455

497

490

</para>

498

491

</informalexample>

499

492

</refsect1>

500

493

501

494

502

495

<title>SECURITY</title>

503

496

504

497

<title>SERVER</title>

505

498

<para>

506

499

Running this <command>&COMMANDNAME;</command> server program

507

500

should not in itself present any security risk to the host

508

computer running it. The program does not need any special

509

privileges to run, and is designed to run as a non-root user.

501

computer running it. The program switches to a non-root user

502

soon after startup.

510

503

</para>

511

504

</refsect2>

512

505

513

506

<title>CLIENTS</title>

514

507

<para>

515

508

The server only gives out its stored data to clients which

522

515

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

523

516

<manvolnum>5</manvolnum></citerefentry>)

524

517

<emphasis>must</emphasis> be made non-readable by anyone

525

except the user running the server.

518

except the user starting the server (usually root).

526

519

</para>

527

520

<para>

528

521

As detailed in <xref linkend="checking"/>, the status of all

539

532

restarting servers if it is suspected that a client has, in

540

533

fact, been compromised by parties who may now be running a

541

534

fake Mandos client with the keys from the non-encrypted

542

initial RAM image of the client host. What should be done in

543

that case (if restarting the server program really is

544

necessary) is to stop the server program, edit the

535

initial <acronym>RAM</acronym> image of the client host. What

536

should be done in that case (if restarting the server program

537

really is necessary) is to stop the server program, edit the

545

538

configuration file to omit any suspect clients, and restart

546

539

the server program.

547

540

</para>

548

541

<para>

549

542

For more details on client-side security, see

550

<citerefentry><refentrytitle>password-request</refentrytitle>

543

<citerefentry><refentrytitle>mandos-client</refentrytitle>

551

544

<manvolnum>8mandos</manvolnum></citerefentry>.

552

545

</para>

553

546

</refsect2>

554

547

</refsect1>

555

548

556

549

557

550

558

551

<para>

561

554

562

555

<refentrytitle>mandos.conf</refentrytitle>

563

556

564

<refentrytitle>password-request</refentrytitle>

557

<refentrytitle>mandos-client</refentrytitle>

565

558

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

566

559

567

560

</citerefentry>

Older »