/mandos/trunk : revision 518

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to intro.xml

Committer: Björn Påhlsson
Date: 2011-10-15 17:54:56 UTC
mfrom: (237.4.20 release)
Revision ID: belorn@fukt.bsnet.se-20111015175456-mel8l54bdvx890cr

Merge from release branch.

files removed:
bugs.xml

debian/mandos-client.examples

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

tmpfiles.d-mandos.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.dirs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

intro.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY TIMESTAMP "2016-11-27">

<!ENTITY TIMESTAMP "2011-10-03">

<!ENTITY % common SYSTEM "common.ent">

%common;

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<title>INTRODUCTION</title>

<para>

<!-- This paragraph is a combination and paraphrase of two

quotes from the 1995 movie “The Usual Suspects”. -->

You know how it is. You’ve heard of it happening. The Man

comes and takes away your servers, your friends’ servers, the

servers of everybody in the same hosting facility. The servers

203

196

</para>

204

197

</refsect2>

205

198

206

207

<title>How about sniffing the network traffic and decrypting it

208

later by physically grabbing the Mandos client and using its

209

key?</title>

210

<para>

211

We only use <acronym>PFS</acronym> (Perfect Forward Security)

212

key exchange algorithms in TLS, which protects against this.

213

</para>

214

</refsect2>

215

216

199

217

200

<title>Physically grabbing the Mandos server computer?</title>

218

201

<para>

231

214

</para>

232

215

</refsect2>

233

216

234

235

<title>Faking checker results?</title>

217

218

<title>Faking ping replies?</title>

236

219

<para>

237

If the Mandos client does not have an SSH server, the default

238

is for the Mandos server to use

220

The default for the server is to use

239

221

<quote><literal>fping</literal></quote>, the replies to which

240

222

could be faked to eliminate the timeout. But this could

241

223

easily be changed to any shell command, with any security

242

measures you like. If the Mandos client

243

<emphasis>has</emphasis> an SSH server, the default

244

configuration (as generated by

245

<command>mandos-keygen</command> with the

246

<option>--password</option> option) is for the Mandos server

247

to use an <command>ssh-keyscan</command> command with strict

248

keychecking, which can not be faked. Alternatively, IPsec

249

could be used for the ping packets, making them secure.

224

measures you like. It could, for instance, be changed to an

225

SSH command with strict keychecking, which could not be faked.

226

Or IPsec could be used for the ping packets, making them

227

secure.

250

228

</para>

251

229

</refsect2>

252

230

</refsect1>

381

359

</para>

382

360

</refsect1>

383

361

384

385

386

<xi:include href="bugs.xml"/>

387

</refsect1>

388

389

362

390

363

391

364

<para>

419

392

420

393

421

394

<term>

422

<ulink url="https://www.recompile.se/mandos">Mandos</ulink>

395

<ulink url="http://www.recompile.se/mandos">Mandos</ulink>

423

396

</term>

424

397

425

398

<para>

Older »