/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen.xml

  • Committer: Teddy Hogeborn
  • Date: 2014-02-16 13:12:20 UTC
  • mto: This revision was merged to the branch mainline in revision 656.
  • Revision ID: teddy@recompile.se-20140216131220-4nv9kjolkrxvn6l3
Tags: version-1.6.4-1
* Makefile (version): Changed to "1.6.4".
* NEWS (Version 1.6.4): New entry.
* debian/changelog (1.6.4-1): - '' -

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY VERSION "1.0">
5
4
<!ENTITY COMMANDNAME "mandos-keygen">
6
 
<!ENTITY TIMESTAMP "2008-08-31">
 
5
<!ENTITY TIMESTAMP "2013-10-22">
 
6
<!ENTITY % common SYSTEM "common.ent">
 
7
%common;
7
8
]>
8
9
 
9
10
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
11
12
    <title>Mandos Manual</title>
12
13
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
13
14
    <productname>Mandos</productname>
14
 
    <productnumber>&VERSION;</productnumber>
 
15
    <productnumber>&version;</productnumber>
15
16
    <date>&TIMESTAMP;</date>
16
17
    <authorgroup>
17
18
      <author>
18
19
        <firstname>Björn</firstname>
19
20
        <surname>Påhlsson</surname>
20
21
        <address>
21
 
          <email>belorn@fukt.bsnet.se</email>
 
22
          <email>belorn@recompile.se</email>
22
23
        </address>
23
24
      </author>
24
25
      <author>
25
26
        <firstname>Teddy</firstname>
26
27
        <surname>Hogeborn</surname>
27
28
        <address>
28
 
          <email>teddy@fukt.bsnet.se</email>
 
29
          <email>teddy@recompile.se</email>
29
30
        </address>
30
31
      </author>
31
32
    </authorgroup>
32
33
    <copyright>
33
34
      <year>2008</year>
 
35
      <year>2009</year>
 
36
      <year>2011</year>
 
37
      <year>2012</year>
34
38
      <holder>Teddy Hogeborn</holder>
35
39
      <holder>Björn Påhlsson</holder>
36
40
    </copyright>
37
 
    <legalnotice>
38
 
      <para>
39
 
        This manual page is free software: you can redistribute it
40
 
        and/or modify it under the terms of the GNU General Public
41
 
        License as published by the Free Software Foundation,
42
 
        either version 3 of the License, or (at your option) any
43
 
        later version.
44
 
      </para>
45
 
 
46
 
      <para>
47
 
        This manual page is distributed in the hope that it will
48
 
        be useful, but WITHOUT ANY WARRANTY; without even the
49
 
        implied warranty of MERCHANTABILITY or FITNESS FOR A
50
 
        PARTICULAR PURPOSE.  See the GNU General Public License
51
 
        for more details.
52
 
      </para>
53
 
 
54
 
      <para>
55
 
        You should have received a copy of the GNU General Public
56
 
        License along with this program; If not, see
57
 
        <ulink url="http://www.gnu.org/licenses/"/>.
58
 
      </para>
59
 
    </legalnotice>
 
41
    <xi:include href="legalnotice.xml"/>
60
42
  </refentryinfo>
61
 
 
 
43
  
62
44
  <refmeta>
63
45
    <refentrytitle>&COMMANDNAME;</refentrytitle>
64
46
    <manvolnum>8</manvolnum>
70
52
      Generate key and password for Mandos client and server.
71
53
    </refpurpose>
72
54
  </refnamediv>
73
 
 
 
55
  
74
56
  <refsynopsisdiv>
75
57
    <cmdsynopsis>
76
58
      <command>&COMMANDNAME;</command>
144
126
      <group choice="req">
145
127
        <arg choice="plain"><option>--password</option></arg>
146
128
        <arg choice="plain"><option>-p</option></arg>
 
129
        <arg choice="plain"><option>--passfile
 
130
        <replaceable>FILE</replaceable></option></arg>
 
131
        <arg choice="plain"><option>-F</option>
 
132
        <replaceable>FILE</replaceable></arg>
147
133
      </group>
148
134
      <sbr/>
149
135
      <group>
181
167
    <para>
182
168
      <command>&COMMANDNAME;</command> is a program to generate the
183
169
      OpenPGP key used by
184
 
      <citerefentry><refentrytitle>password-request</refentrytitle>
 
170
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
185
171
      <manvolnum>8mandos</manvolnum></citerefentry>.  The key is
186
172
      normally written to /etc/mandos for later installation into the
187
173
      initrd image, but this, and most other things, can be changed
189
175
    </para>
190
176
    <para>
191
177
      This program can also be used with the
192
 
      <option>--password</option> option to generate a ready-made
193
 
      section for <filename>clients.conf</filename> (see
 
178
      <option>--password</option> or <option>--passfile</option>
 
179
      options to generate a ready-made section for
 
180
      <filename>clients.conf</filename> (see
194
181
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
195
182
      <manvolnum>5</manvolnum></citerefentry>).
196
183
    </para>
219
206
          </para>
220
207
        </listitem>
221
208
      </varlistentry>
222
 
 
 
209
      
223
210
      <varlistentry>
224
211
        <term><option>--dir
225
212
        <replaceable>DIRECTORY</replaceable></option></term>
228
215
        <listitem>
229
216
          <para>
230
217
            Target directory for key files.  Default is
231
 
            <filename>/etc/mandos</filename>.
 
218
            <filename class="directory">/etc/mandos</filename>.
232
219
          </para>
233
220
        </listitem>
234
221
      </varlistentry>
235
 
 
 
222
      
236
223
      <varlistentry>
237
224
        <term><option>--type
238
225
        <replaceable>TYPE</replaceable></option></term>
240
227
        <replaceable>TYPE</replaceable></option></term>
241
228
        <listitem>
242
229
          <para>
243
 
            Key type.  Default is <quote>DSA</quote>.
 
230
            Key type.  Default is <quote>RSA</quote>.
244
231
          </para>
245
232
        </listitem>
246
233
      </varlistentry>
247
 
 
 
234
      
248
235
      <varlistentry>
249
236
        <term><option>--length
250
237
        <replaceable>BITS</replaceable></option></term>
252
239
        <replaceable>BITS</replaceable></option></term>
253
240
        <listitem>
254
241
          <para>
255
 
            Key length in bits.  Default is 2048.
 
242
            Key length in bits.  Default is 4096.
256
243
          </para>
257
244
        </listitem>
258
245
      </varlistentry>
259
 
 
 
246
      
260
247
      <varlistentry>
261
248
        <term><option>--subtype
262
249
        <replaceable>KEYTYPE</replaceable></option></term>
264
251
        <replaceable>KEYTYPE</replaceable></option></term>
265
252
        <listitem>
266
253
          <para>
267
 
            Subkey type.  Default is <quote>ELG-E</quote> (Elgamal
 
254
            Subkey type.  Default is <quote>RSA</quote> (Elgamal
268
255
            encryption-only).
269
256
          </para>
270
257
        </listitem>
271
258
      </varlistentry>
272
 
 
 
259
      
273
260
      <varlistentry>
274
261
        <term><option>--sublength
275
262
        <replaceable>BITS</replaceable></option></term>
277
264
        <replaceable>BITS</replaceable></option></term>
278
265
        <listitem>
279
266
          <para>
280
 
            Subkey length in bits.  Default is 2048.
 
267
            Subkey length in bits.  Default is 4096.
281
268
          </para>
282
269
        </listitem>
283
270
      </varlistentry>
284
 
 
 
271
      
285
272
      <varlistentry>
286
273
        <term><option>--email
287
274
        <replaceable>ADDRESS</replaceable></option></term>
293
280
          </para>
294
281
        </listitem>
295
282
      </varlistentry>
296
 
 
 
283
      
297
284
      <varlistentry>
298
285
        <term><option>--comment
299
286
        <replaceable>TEXT</replaceable></option></term>
301
288
        <replaceable>TEXT</replaceable></option></term>
302
289
        <listitem>
303
290
          <para>
304
 
            Comment field for key.  The default value is
305
 
            <quote><literal>Mandos client key</literal></quote>.
 
291
            Comment field for key.  Default is empty.
306
292
          </para>
307
293
        </listitem>
308
294
      </varlistentry>
309
 
 
 
295
      
310
296
      <varlistentry>
311
297
        <term><option>--expire
312
298
        <replaceable>TIME</replaceable></option></term>
320
306
          </para>
321
307
        </listitem>
322
308
      </varlistentry>
323
 
 
 
309
      
324
310
      <varlistentry>
325
311
        <term><option>--force</option></term>
326
312
        <term><option>-f</option></term>
348
334
          </para>
349
335
        </listitem>
350
336
      </varlistentry>
 
337
      <varlistentry>
 
338
        <term><option>--passfile
 
339
        <replaceable>FILE</replaceable></option></term>
 
340
        <term><option>-F
 
341
        <replaceable>FILE</replaceable></option></term>
 
342
        <listitem>
 
343
          <para>
 
344
            The same as <option>--password</option>, but read from
 
345
            <replaceable>FILE</replaceable>, not the terminal.
 
346
          </para>
 
347
        </listitem>
 
348
      </varlistentry>
351
349
    </variablelist>
352
350
  </refsect1>
353
 
 
 
351
  
354
352
  <refsect1 id="overview">
355
353
    <title>OVERVIEW</title>
356
354
    <xi:include href="overview.xml"/>
360
358
      <filename>clients.conf</filename> on the server.
361
359
    </para>
362
360
  </refsect1>
363
 
 
 
361
  
364
362
  <refsect1 id="exit_status">
365
363
    <title>EXIT STATUS</title>
366
364
    <para>
386
384
    </variablelist>
387
385
  </refsect1>
388
386
  
389
 
  <refsect1 id="file">
 
387
  <refsect1 id="files">
390
388
    <title>FILES</title>
391
389
    <para>
392
390
      Use the <option>--dir</option> option to change where
413
411
        </listitem>
414
412
      </varlistentry>
415
413
      <varlistentry>
416
 
        <term><filename>/tmp</filename></term>
 
414
        <term><filename class="directory">/tmp</filename></term>
417
415
        <listitem>
418
416
          <para>
419
417
            Temporary files will be written here if
423
421
      </varlistentry>
424
422
    </variablelist>
425
423
  </refsect1>
426
 
 
427
 
  <refsect1 id="bugs">
428
 
    <title>BUGS</title>
429
 
    <para>
430
 
      None are known at this time.
431
 
    </para>
432
 
  </refsect1>
433
 
 
 
424
  
 
425
<!--   <refsect1 id="bugs"> -->
 
426
<!--     <title>BUGS</title> -->
 
427
<!--     <para> -->
 
428
<!--     </para> -->
 
429
<!--   </refsect1> -->
 
430
  
434
431
  <refsect1 id="example">
435
432
    <title>EXAMPLE</title>
436
433
    <informalexample>
455
452
    </informalexample>
456
453
    <informalexample>
457
454
      <para>
458
 
        Prompt for a password, encrypt it with the key in
459
 
        <filename>/etc/mandos</filename> and output a section suitable
460
 
        for <filename>clients.conf</filename>.
 
455
        Prompt for a password, encrypt it with the key in <filename
 
456
        class="directory">/etc/mandos</filename> and output a section
 
457
        suitable for <filename>clients.conf</filename>.
461
458
      </para>
462
459
      <para>
463
460
        <userinput>&COMMANDNAME; --password</userinput>
477
474
      </para>
478
475
    </informalexample>
479
476
  </refsect1>
480
 
 
 
477
  
481
478
  <refsect1 id="security">
482
479
    <title>SECURITY</title>
483
480
    <para>
492
489
      <manvolnum>8</manvolnum></citerefentry>.
493
490
    </para>
494
491
  </refsect1>
495
 
 
 
492
  
496
493
  <refsect1 id="see_also">
497
494
    <title>SEE ALSO</title>
498
495
    <para>
 
496
      <citerefentry><refentrytitle>intro</refentrytitle>
 
497
      <manvolnum>8mandos</manvolnum></citerefentry>,
499
498
      <citerefentry><refentrytitle>gpg</refentrytitle>
500
499
      <manvolnum>1</manvolnum></citerefentry>,
501
500
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
502
501
      <manvolnum>5</manvolnum></citerefentry>,
503
502
      <citerefentry><refentrytitle>mandos</refentrytitle>
504
503
      <manvolnum>8</manvolnum></citerefentry>,
505
 
      <citerefentry><refentrytitle>password-request</refentrytitle>
 
504
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
506
505
      <manvolnum>8mandos</manvolnum></citerefentry>
507
506
    </para>
508
507
  </refsect1>