/mandos/trunk : revision 24.1.181

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to intro.xml

Committer: Björn Påhlsson
Date: 2011-09-18 16:04:23 UTC
mfrom: (497 trunk)
mto: This revision was merged to the branch mainline in revision 498.
Revision ID: belorn@fukt.bsnet.se-20110918160423-x09aoqldw7wqmzia

Merge from teddy.

files removed:
bugs.xml

debian/mandos-client.examples

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

tmpfiles.d-mandos.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

dbus-mandos.conf

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

intro.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY TIMESTAMP "2016-03-05">

<!ENTITY TIMESTAMP "2011-08-08">

<!ENTITY % common SYSTEM "common.ent">

%common;

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@recompile.se</email>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@recompile.se</email>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

201

196

</para>

202

197

</refsect2>

203

198

204

205

<title>How about sniffing the network traffic and decrypting it

206

later by physically grabbing the Mandos client and using its

207

key?</title>

208

<para>

209

We only use <acronym>PFS</acronym> (Perfect Forward Security)

210

key exchange algorithms in TLS, which protects against this.

211

</para>

212

</refsect2>

213

214

199

215

200

<title>Physically grabbing the Mandos server computer?</title>

216

201

<para>

229

214

</para>

230

215

</refsect2>

231

216

232

233

<title>Faking checker results?</title>

217

218

<title>Faking ping replies?</title>

234

219

<para>

235

If the Mandos client does not have an SSH server, the default

236

is for the Mandos server to use

220

The default for the server is to use

237

221

<quote><literal>fping</literal></quote>, the replies to which

238

222

could be faked to eliminate the timeout. But this could

239

223

easily be changed to any shell command, with any security

240

measures you like. If the Mandos client

241

<emphasis>has</emphasis> an SSH server, the default

242

configuration (as generated by

243

<command>mandos-keygen</command> with the

244

<option>--password</option> option) is for the Mandos server

245

to use an <command>ssh-keyscan</command> command with strict

246

keychecking, which can not be faked. Alternatively, IPsec

247

could be used for the ping packets, making them secure.

224

measures you like. It could, for instance, be changed to an

225

SSH command with strict keychecking, which could not be faked.

226

Or IPsec could be used for the ping packets, making them

227

secure.

248

228

</para>

249

229

</refsect2>

250

230

</refsect1>

379

359

</para>

380

360

</refsect1>

381

361

382

383

384

<xi:include href="bugs.xml"/>

385

</refsect1>

386

387

362

388

363

389

364

<para>

417

392

418

393

419

394

<term>

420

<ulink url="http://www.recompile.se/mandos">Mandos</ulink>

395

<ulink url="http://www.fukt.bsnet.se/mandos">Mandos</ulink>

421

396

</term>

422

397

423

398

<para>

Older »