To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to clients.conf
- Committer: Teddy Hogeborn
- Date: 2014-06-22 02:19:30 UTC
- Revision ID: teddy@recompile.se-20140622021930-icl7h4cm97blhjml
mandos-keygen: Generate "checker" option to use SSH fingerprints.
To turn this off, use a new "--no-ssh" option to mandos-keygen.
* INSTALL (Mandos Server, Mandos Client): Document new suggested
installation of SSH.
* Makefile (confdir/clients.conf): Use new "--no-ssh" option to
"mandos-keygen".
* debian/control (mandos/Depends): Changed to "fping | ssh-client".
(mandos-client/Recommends): New; set to "ssh".
* intro.xml (FREQUENTLY ASKED QUESTIONS): Rename and rewrite section
called "Faking ping
replies?" to address new
default behavior.
* mandos-clients.conf.xml (OPTIONS/checker): Briefly discuss new
behavior of
mandos-keygen.
* mandos-keygen: Bug fix: Suppress failure output of "shred" to remove
"sec*", since no such files may exist.
(password mode): Scan for SSH key fingerprints and output as new
"checker" and "ssh_fingerprint" options, unless new
"--no-ssh" option is given.
* mandos-keygen.xml (SYNOPSIS/--force): Bug fix: Document short form.
(OPTIONS/--no-ssh): New.
(SEE ALSO): Add reference "ssh-keyscan(1)".
* plugins.d/mandos-client.xml (SECURITY): Briefly mention the
possibility of using SSH key
fingerprints for checking.
To turn this off, use a new "--no-ssh" option to mandos-keygen.
* INSTALL (Mandos Server, Mandos Client): Document new suggested
installation of SSH.
* Makefile (confdir/clients.conf): Use new "--no-ssh" option to
"mandos-keygen".
* debian/control (mandos/Depends): Changed to "fping | ssh-client".
(mandos-client/Recommends): New; set to "ssh".
* intro.xml (FREQUENTLY ASKED QUESTIONS): Rename and rewrite section
called "Faking ping
replies?" to address new
default behavior.
* mandos-clients.conf.xml (OPTIONS/checker): Briefly discuss new
behavior of
mandos-keygen.
* mandos-keygen: Bug fix: Suppress failure output of "shred" to remove
"sec*", since no such files may exist.
(password mode): Scan for SSH key fingerprints and output as new
"checker" and "ssh_fingerprint" options, unless new
"--no-ssh" option is given.
* mandos-keygen.xml (SYNOPSIS/--force): Bug fix: Document short form.
(OPTIONS/--no-ssh): New.
(SEE ALSO): Add reference "ssh-keyscan(1)".
* plugins.d/mandos-client.xml (SECURITY): Briefly mention the
possibility of using SSH key
fingerprints for checking.
- files added:
- initramfs-tools-hook-conf
- files removed:
- bugs.xml
- debian/tests
- dracut-module
- plugin-helpers
- files modified:
- .bzrignore
added
removed
clients.conf
