/mandos/trunk : revision 663

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.xml

Committer: Teddy Hogeborn
Date: 2014-03-01 09:51:07 UTC
Revision ID: teddy@recompile.se-20140301095107-wfcwbmol2a71d3xz

* mandos-keygen (keygen): Add workaround for Debian bug #737128.

files added:
debian/upstream-signing-key.pgp

files removed:
debian/upstream

debian/upstream/signing-key.asc

files modified:
DBUS-API

INSTALL

Makefile

NEWS

TODO

common.ent

debian/changelog

debian/control

debian/mandos.postinst

debian/rules

initramfs-tools-hook

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

plugin-runner.c

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.xml

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY COMMANDNAME "mandos-client">

<!ENTITY TIMESTAMP "2015-03-08">

<!ENTITY TIMESTAMP "2014-03-01">

<!ENTITY % common SYSTEM "../common.ent">

%common;

261

<para>

262

<replaceable>NAME</replaceable> can be the string

263

<quote><literal>none</literal></quote>; this will make

264

<command>&COMMANDNAME;</command> only bring up interfaces

265

specified <emphasis>before</emphasis> this string. This

266

is not recommended, and only meant for advanced users.

264

<command>&COMMANDNAME;</command> not bring up

265

<emphasis>any</emphasis> interfaces specified

266

<emphasis>after</emphasis> this string. This is not

267

recommended, and only meant for advanced users.

267

268

</para>

268

269

</listitem>

269

270

</varlistentry>

311

312

312

313

<para>

313

314

Sets the number of bits to use for the prime number in the

314

TLS Diffie-Hellman key exchange. The default value is

315

selected automatically based on the OpenPGP key.

315

TLS Diffie-Hellman key exchange. Default is 1024.

316

</para>

317

</listitem>

318

</varlistentry>

749

<para>

750

It will also help if the checker program on the server is

751

configured to request something from the client which can not be

752

spoofed by someone else on the network, like SSH server key

753

fingerprints, and unlike unencrypted <acronym>ICMP</acronym>

754

echo (<quote>ping</quote>) replies.

752

spoofed by someone else on the network, unlike unencrypted

753

<acronym>ICMP</acronym> echo (<quote>ping</quote>) replies.

755

754

</para>

756

755

<para>

757

756

<emphasis>Note</emphasis>: This makes it completely insecure to

Older »