To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to clients.conf.xml
- browse files at revision 24.1.23
- compare with another revision
- download diff
- download tarball
- view history from revision 24.1.23
- Committer: Björn Påhlsson
- Date: 2008-08-08 01:31:58 UTC
- mto: (24.1.154 mandos) (237.4.3 mandos-release)
- mto: This revision was merged to the branch mainline in revision 50.
- Revision ID: belorn@braxen-20080808013158-weqgqkxni7du1ke5
Added manual pages for:
clients.conf
mandos.conf
mandos
mandos-client
password-prompt
password-request
clients.conf
mandos.conf
mandos
mandos-client
password-prompt
password-request
added
removed
clients.conf.xml
1
<?xml version='1.0' encoding='UTF-8'?>
2
<?xml-stylesheet type="text/xsl"
3
href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>
4
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
5
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
6
<!ENTITY VERSION "1.0">
7
<!ENTITY CONFNAME "clients.conf">
8
<!ENTITY CONFPATH "<filename>/etc/mandos/clients.conf</filename>">
9
]>
10
11
<refentry>
12
<refentryinfo>
13
<title>&CONFNAME;</title>
14
<!-- NWalsh's docbook scripts use this to generate the footer: -->
15
<productname>&CONFNAME;</productname>
16
<productnumber>&VERSION;</productnumber>
17
<authorgroup>
18
<author>
19
<firstname>Björn</firstname>
20
<surname>Påhlsson</surname>
21
<address>
22
<email>belorn@fukt.bsnet.se</email>
23
</address>
24
</author>
25
<author>
26
<firstname>Teddy</firstname>
27
<surname>Hogeborn</surname>
28
<address>
29
<email>teddy@fukt.bsnet.se</email>
30
</address>
31
</author>
32
</authorgroup>
33
<copyright>
34
<year>2008</year>
35
<holder>Teddy Hogeborn & Björn Påhlsson</holder>
36
</copyright>
37
<legalnotice>
38
<para>
39
This manual page is free software: you can redistribute it
40
and/or modify it under the terms of the GNU General Public
41
License as published by the Free Software Foundation,
42
either version 3 of the License, or (at your option) any
43
later version.
44
</para>
45
46
<para>
47
This manual page is distributed in the hope that it will
48
be useful, but WITHOUT ANY WARRANTY; without even the
49
implied warranty of MERCHANTABILITY or FITNESS FOR A
50
PARTICULAR PURPOSE. See the GNU General Public License
51
for more details.
52
</para>
53
54
<para>
55
You should have received a copy of the GNU General Public
56
License along with this program; If not, see
57
<ulink url="http://www.gnu.org/licenses/"/>.
58
</para>
59
</legalnotice>
60
</refentryinfo>
61
62
<refmeta>
63
<refentrytitle>&CONFNAME;</refentrytitle>
64
<manvolnum>5</manvolnum>
65
</refmeta>
66
67
<refnamediv>
68
<refname><filename>&CONFNAME;</filename></refname>
69
<refpurpose>
70
Configuration file for Mandos clients
71
</refpurpose>
72
</refnamediv>
73
74
<refsynopsisdiv>
75
<synopsis>
76
&CONFPATH;
77
</synopsis>
78
</refsynopsisdiv>
79
80
<refsect1 id="description">
81
<title>DESCRIPTION</title>
82
<para>
83
The file &CONFPATH; is the configuration file for mandos where
84
each client that will be abel to use the service need to be
85
specified. The configuration file is looked on at the startup of
86
the service, so to reenable timedout clients one need to only
87
restart the server. The format starts with a section under []
88
which is eather <literal>[DEFAULT]</literal> or a client
89
name. Values is set through the use of VAR = VALUE pair. Values
90
may not be empty.
91
</para>
92
</refsect1>
93
94
<refsect1 id="default">
95
<title>DEFAULT</title>
96
<para>
97
The paramters for <literal>[DEFAULT]</literal> are:
98
</para>
99
100
<variablelist>
101
102
<varlistentry>
103
<term><literal>timeout</literal></term>
104
<listitem>
105
<para>
106
This option allows you to override the default timeout
107
that clients will get. By default mandos will use 1hr.
108
</para>
109
</listitem>
110
</varlistentry>
111
112
<varlistentry>
113
<term><literal>interval</literal></term>
114
<listitem>
115
<para>
116
This option allows you to override the default interval
117
used between checkups for disconnected clients. By default
118
mandos will use 5m.
119
</para>
120
</listitem>
121
</varlistentry>
122
123
<varlistentry>
124
<term><literal>checker</literal></term>
125
<listitem>
126
<para>
127
This option allows you to override the default shell
128
command that the server will use to check up if the client
129
is still up. By default mandos will "fping -q -- %%(fqdn)s"
130
</para>
131
</listitem>
132
</varlistentry>
133
134
</variablelist>
135
</refsect1>
136
137
<refsect1 id="clients">
138
<title>CLIENTS</title>
139
<para>
140
The paramters for clients are:
141
</para>
142
143
<variablelist>
144
145
<varlistentry>
146
<term><literal>fingerprint</literal></term>
147
<listitem>
148
<para>
149
This option sets the openpgp fingerprint that identifies
150
the public certificate that clients authenticates themself
151
through gnutls. The string need to be in hex-decimal form.
152
</para>
153
</listitem>
154
</varlistentry>
155
156
<varlistentry>
157
<term><literal>secret</literal></term>
158
<listitem>
159
<para>
160
Base 64 encoded OpenPGP encrypted password encrypted by
161
the clients openpgp certificate.
162
</para>
163
</listitem>
164
</varlistentry>
165
166
<varlistentry>
167
<term><literal>secfile</literal></term>
168
<listitem>
169
<para>
170
Base 64 encoded OpenPGP encrypted password encrypted by
171
the clients openpgp certificate as a binary file.
172
</para>
173
</listitem>
174
</varlistentry>
175
176
<varlistentry>
177
<term><literal>fqdn</literal></term>
178
<listitem>
179
<para>
180
FQDN, that can be used in for checking that the client is up.
181
</para>
182
</listitem>
183
</varlistentry>
184
185
<varlistentry>
186
<term><literal>checker</literal></term>
187
<listitem>
188
<para>
189
Shell command that the server will use to check up if the
190
client is still up.
191
</para>
192
</listitem>
193
</varlistentry>
194
195
<varlistentry>
196
<term><literal>timeout</literal></term>
197
<listitem>
198
<para>
199
Duration that a client can be down whitout be removed from
200
the client list.
201
</para>
202
</listitem>
203
</varlistentry>
204
205
</variablelist>
206
</refsect1>
207
208
<refsect1 id="examples">
209
<title>EXAMPLES</title>
210
<informalexample>
211
<programlisting>
212
[DEFAULT]
213
timeout = 1h
214
interval = 5m
215
checker = fping -q -- %%(fqdn)s
216
217
[example_client]
218
fingerprint = 7788 2722 5BA7 DE53 9C5A 7CFA 59CF F7CD BD9A 5920
219
220
secret =
221
hQIOA6QdEjBs2L/HEAf/TCyrDe5Xnm9esa+Pb/vWF9CUqfn4srzVgSu234REJMVv
222
7lBSrPE2132Lmd2gqF1HeLKDJRSVxJpt6xoWOChGHg+TMyXDxK+NXl89vGvdU1Xf
223
hKkVm9MDLOgT5ECDPysDGHFPDhqHOSu3Kaw2DWMV/iH9vz3Z20erVNbdcvyBnuoj
224
coWO/6yfB5EQO0BXp7kcyy00USA3CjD5FGZdoQGITb8A/ar0tVA5crSQmaSotm6K
225
mNLhrFnZ5BxX+TiE+eTUTqSloWRY6VAvqWQHC7OASxK5E6RXPBuFH5IohUA2Qbk5
226
AHt99pYvsIPX88j2rWauOokoiKZot/9leJ8VxO5l3wf/U64IH8bkPIoWmWZfd/nq
227
h4uwGNbCgKMyT+AnvH7kMJ3i7DivfWl2mKLV0PyPHUNva0VQxX6yYjcOhj1R6fCr
228
/at8/NSLe2OhLchzdC+Ls9h+kvJXgF8Sisv+Wk/1RadPLFmraRlqvJwt6Ww21Lpi
229
XqXHV2mIgqWnR98YgSvUi3TJHrUQiNc9YyBzuRo0AjgG2C9qiE3FM+Y28+iQ/sR3
230
+bFszYuZKVTObqiIslwXu7imO0cvvFRgJF/6u3HNFQ4LUTGhiM3FQmC6NNlF3/vJ
231
M2hwRDMcJqDd54Twx90Wh+tYz0z7QMsK4ANXWHHWHR0JchnLWmenzbtW5MHdW9AY
232
sNJZAQSOpirE4Xi31CSlWAi9KV+cUCmWF5zOFy1x23P6PjdaRm4T2zw4dxS5NswX
233
WU0sVEXxjs6PYxuIiCTL7vdpx8QjBkrPWDrAbcMyBr2OQlnHIvPzEArRQLo=
234
=iHhv
235
236
fqdn = localhost
237
interval = 5m
238
</programlisting>
239
</informalexample>
240
</refsect1>
241
242
<refsect1 id="files">
243
<title>FILES</title>
244
<para>
245
The file described here is &CONFPATH;
246
</para>
247
</refsect1>
248
</refentry>
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0