To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to client-cert.pem
- Committer: Teddy Hogeborn
- Date: 2014-06-22 02:19:30 UTC
- Revision ID: teddy@recompile.se-20140622021930-icl7h4cm97blhjml
mandos-keygen: Generate "checker" option to use SSH fingerprints.
To turn this off, use a new "--no-ssh" option to mandos-keygen.
* INSTALL (Mandos Server, Mandos Client): Document new suggested
installation of SSH.
* Makefile (confdir/clients.conf): Use new "--no-ssh" option to
"mandos-keygen".
* debian/control (mandos/Depends): Changed to "fping | ssh-client".
(mandos-client/Recommends): New; set to "ssh".
* intro.xml (FREQUENTLY ASKED QUESTIONS): Rename and rewrite section
called "Faking ping
replies?" to address new
default behavior.
* mandos-clients.conf.xml (OPTIONS/checker): Briefly discuss new
behavior of
mandos-keygen.
* mandos-keygen: Bug fix: Suppress failure output of "shred" to remove
"sec*", since no such files may exist.
(password mode): Scan for SSH key fingerprints and output as new
"checker" and "ssh_fingerprint" options, unless new
"--no-ssh" option is given.
* mandos-keygen.xml (SYNOPSIS/--force): Bug fix: Document short form.
(OPTIONS/--no-ssh): New.
(SEE ALSO): Add reference "ssh-keyscan(1)".
* plugins.d/mandos-client.xml (SECURITY): Briefly mention the
possibility of using SSH key
fingerprints for checking.
To turn this off, use a new "--no-ssh" option to mandos-keygen.
* INSTALL (Mandos Server, Mandos Client): Document new suggested
installation of SSH.
* Makefile (confdir/clients.conf): Use new "--no-ssh" option to
"mandos-keygen".
* debian/control (mandos/Depends): Changed to "fping | ssh-client".
(mandos-client/Recommends): New; set to "ssh".
* intro.xml (FREQUENTLY ASKED QUESTIONS): Rename and rewrite section
called "Faking ping
replies?" to address new
default behavior.
* mandos-clients.conf.xml (OPTIONS/checker): Briefly discuss new
behavior of
mandos-keygen.
* mandos-keygen: Bug fix: Suppress failure output of "shred" to remove
"sec*", since no such files may exist.
(password mode): Scan for SSH key fingerprints and output as new
"checker" and "ssh_fingerprint" options, unless new
"--no-ssh" option is given.
* mandos-keygen.xml (SYNOPSIS/--force): Bug fix: Document short form.
(OPTIONS/--no-ssh): New.
(SEE ALSO): Add reference "ssh-keyscan(1)".
* plugins.d/mandos-client.xml (SECURITY): Briefly mention the
possibility of using SSH key
fingerprints for checking.
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- plugins.d
- files removed:
- ca.pem
- files renamed:
- mandos-clients.conf => clients.conf
- server.py => mandos
- files modified:
- Makefile
added
removed
client-cert.pem
