/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen.xml

  • Committer: Teddy Hogeborn
  • Date: 2011-12-31 20:07:11 UTC
  • mfrom: (535.1.9 wireless-network-hook)
  • Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r
Merge new wireless network hook.  Fix bridge network hook to use
hardware addresses instead of interface names.  Implement and document
new "CONNECT" environment variable for network hooks.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-keygen.xml
1
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY VERSION "1.0">
5
4
<!ENTITY COMMANDNAME "mandos-keygen">
6
 
<!ENTITY TIMESTAMP "2008-09-03">
 
5
<!ENTITY TIMESTAMP "2011-10-03">
 
6
<!ENTITY % common SYSTEM "common.ent">
 
7
%common;
7
8
]>
8
9
 
9
10
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
11
12
    <title>Mandos Manual</title>
12
13
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
13
14
    <productname>Mandos</productname>
14
 
    <productnumber>&VERSION;</productnumber>
 
15
    <productnumber>&version;</productnumber>
15
16
    <date>&TIMESTAMP;</date>
16
17
    <authorgroup>
17
18
      <author>
18
19
        <firstname>Björn</firstname>
19
20
        <surname>Påhlsson</surname>
20
21
        <address>
21
 
          <email>belorn@fukt.bsnet.se</email>
 
22
          <email>belorn@recompile.se</email>
22
23
        </address>
23
24
      </author>
24
25
      <author>
25
26
        <firstname>Teddy</firstname>
26
27
        <surname>Hogeborn</surname>
27
28
        <address>
28
 
          <email>teddy@fukt.bsnet.se</email>
 
29
          <email>teddy@recompile.se</email>
29
30
        </address>
30
31
      </author>
31
32
    </authorgroup>
32
33
    <copyright>
33
34
      <year>2008</year>
 
35
      <year>2009</year>
 
36
      <year>2011</year>
34
37
      <holder>Teddy Hogeborn</holder>
35
38
      <holder>Björn Påhlsson</holder>
36
39
    </copyright>
37
40
    <xi:include href="legalnotice.xml"/>
38
41
  </refentryinfo>
39
 
 
 
42
  
40
43
  <refmeta>
41
44
    <refentrytitle>&COMMANDNAME;</refentrytitle>
42
45
    <manvolnum>8</manvolnum>
48
51
      Generate key and password for Mandos client and server.
49
52
    </refpurpose>
50
53
  </refnamediv>
51
 
 
 
54
  
52
55
  <refsynopsisdiv>
53
56
    <cmdsynopsis>
54
57
      <command>&COMMANDNAME;</command>
122
125
      <group choice="req">
123
126
        <arg choice="plain"><option>--password</option></arg>
124
127
        <arg choice="plain"><option>-p</option></arg>
 
128
        <arg choice="plain"><option>--passfile
 
129
        <replaceable>FILE</replaceable></option></arg>
 
130
        <arg choice="plain"><option>-F</option>
 
131
        <replaceable>FILE</replaceable></arg>
125
132
      </group>
126
133
      <sbr/>
127
134
      <group>
159
166
    <para>
160
167
      <command>&COMMANDNAME;</command> is a program to generate the
161
168
      OpenPGP key used by
162
 
      <citerefentry><refentrytitle>password-request</refentrytitle>
 
169
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
163
170
      <manvolnum>8mandos</manvolnum></citerefentry>.  The key is
164
171
      normally written to /etc/mandos for later installation into the
165
172
      initrd image, but this, and most other things, can be changed
167
174
    </para>
168
175
    <para>
169
176
      This program can also be used with the
170
 
      <option>--password</option> option to generate a ready-made
171
 
      section for <filename>clients.conf</filename> (see
 
177
      <option>--password</option> or <option>--passfile</option>
 
178
      options to generate a ready-made section for
 
179
      <filename>clients.conf</filename> (see
172
180
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
173
181
      <manvolnum>5</manvolnum></citerefentry>).
174
182
    </para>
197
205
          </para>
198
206
        </listitem>
199
207
      </varlistentry>
200
 
 
 
208
      
201
209
      <varlistentry>
202
210
        <term><option>--dir
203
211
        <replaceable>DIRECTORY</replaceable></option></term>
206
214
        <listitem>
207
215
          <para>
208
216
            Target directory for key files.  Default is
209
 
            <filename>/etc/mandos</filename>.
 
217
            <filename class="directory">/etc/mandos</filename>.
210
218
          </para>
211
219
        </listitem>
212
220
      </varlistentry>
213
 
 
 
221
      
214
222
      <varlistentry>
215
223
        <term><option>--type
216
224
        <replaceable>TYPE</replaceable></option></term>
222
230
          </para>
223
231
        </listitem>
224
232
      </varlistentry>
225
 
 
 
233
      
226
234
      <varlistentry>
227
235
        <term><option>--length
228
236
        <replaceable>BITS</replaceable></option></term>
234
242
          </para>
235
243
        </listitem>
236
244
      </varlistentry>
237
 
 
 
245
      
238
246
      <varlistentry>
239
247
        <term><option>--subtype
240
248
        <replaceable>KEYTYPE</replaceable></option></term>
247
255
          </para>
248
256
        </listitem>
249
257
      </varlistentry>
250
 
 
 
258
      
251
259
      <varlistentry>
252
260
        <term><option>--sublength
253
261
        <replaceable>BITS</replaceable></option></term>
259
267
          </para>
260
268
        </listitem>
261
269
      </varlistentry>
262
 
 
 
270
      
263
271
      <varlistentry>
264
272
        <term><option>--email
265
273
        <replaceable>ADDRESS</replaceable></option></term>
271
279
          </para>
272
280
        </listitem>
273
281
      </varlistentry>
274
 
 
 
282
      
275
283
      <varlistentry>
276
284
        <term><option>--comment
277
285
        <replaceable>TEXT</replaceable></option></term>
284
292
          </para>
285
293
        </listitem>
286
294
      </varlistentry>
287
 
 
 
295
      
288
296
      <varlistentry>
289
297
        <term><option>--expire
290
298
        <replaceable>TIME</replaceable></option></term>
298
306
          </para>
299
307
        </listitem>
300
308
      </varlistentry>
301
 
 
 
309
      
302
310
      <varlistentry>
303
311
        <term><option>--force</option></term>
304
312
        <term><option>-f</option></term>
326
334
          </para>
327
335
        </listitem>
328
336
      </varlistentry>
 
337
      <varlistentry>
 
338
        <term><option>--passfile
 
339
        <replaceable>FILE</replaceable></option></term>
 
340
        <term><option>-F
 
341
        <replaceable>FILE</replaceable></option></term>
 
342
        <listitem>
 
343
          <para>
 
344
            The same as <option>--password</option>, but read from
 
345
            <replaceable>FILE</replaceable>, not the terminal.
 
346
          </para>
 
347
        </listitem>
 
348
      </varlistentry>
329
349
    </variablelist>
330
350
  </refsect1>
331
 
 
 
351
  
332
352
  <refsect1 id="overview">
333
353
    <title>OVERVIEW</title>
334
354
    <xi:include href="overview.xml"/>
338
358
      <filename>clients.conf</filename> on the server.
339
359
    </para>
340
360
  </refsect1>
341
 
 
 
361
  
342
362
  <refsect1 id="exit_status">
343
363
    <title>EXIT STATUS</title>
344
364
    <para>
364
384
    </variablelist>
365
385
  </refsect1>
366
386
  
367
 
  <refsect1 id="file">
 
387
  <refsect1 id="files">
368
388
    <title>FILES</title>
369
389
    <para>
370
390
      Use the <option>--dir</option> option to change where
391
411
        </listitem>
392
412
      </varlistentry>
393
413
      <varlistentry>
394
 
        <term><filename>/tmp</filename></term>
 
414
        <term><filename class="directory">/tmp</filename></term>
395
415
        <listitem>
396
416
          <para>
397
417
            Temporary files will be written here if
401
421
      </varlistentry>
402
422
    </variablelist>
403
423
  </refsect1>
404
 
 
 
424
  
405
425
<!--   <refsect1 id="bugs"> -->
406
426
<!--     <title>BUGS</title> -->
407
427
<!--     <para> -->
408
428
<!--     </para> -->
409
429
<!--   </refsect1> -->
410
 
 
 
430
  
411
431
  <refsect1 id="example">
412
432
    <title>EXAMPLE</title>
413
433
    <informalexample>
432
452
    </informalexample>
433
453
    <informalexample>
434
454
      <para>
435
 
        Prompt for a password, encrypt it with the key in
436
 
        <filename>/etc/mandos</filename> and output a section suitable
437
 
        for <filename>clients.conf</filename>.
 
455
        Prompt for a password, encrypt it with the key in <filename
 
456
        class="directory">/etc/mandos</filename> and output a section
 
457
        suitable for <filename>clients.conf</filename>.
438
458
      </para>
439
459
      <para>
440
460
        <userinput>&COMMANDNAME; --password</userinput>
454
474
      </para>
455
475
    </informalexample>
456
476
  </refsect1>
457
 
 
 
477
  
458
478
  <refsect1 id="security">
459
479
    <title>SECURITY</title>
460
480
    <para>
469
489
      <manvolnum>8</manvolnum></citerefentry>.
470
490
    </para>
471
491
  </refsect1>
472
 
 
 
492
  
473
493
  <refsect1 id="see_also">
474
494
    <title>SEE ALSO</title>
475
495
    <para>
 
496
      <citerefentry><refentrytitle>intro</refentrytitle>
 
497
      <manvolnum>8mandos</manvolnum></citerefentry>,
476
498
      <citerefentry><refentrytitle>gpg</refentrytitle>
477
499
      <manvolnum>1</manvolnum></citerefentry>,
478
500
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
479
501
      <manvolnum>5</manvolnum></citerefentry>,
480
502
      <citerefentry><refentrytitle>mandos</refentrytitle>
481
503
      <manvolnum>8</manvolnum></citerefentry>,
482
 
      <citerefentry><refentrytitle>password-request</refentrytitle>
 
504
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
483
505
      <manvolnum>8mandos</manvolnum></citerefentry>
484
506
    </para>
485
507
  </refsect1>