/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-prompt.xml

  • Committer: Teddy Hogeborn
  • Date: 2014-06-22 02:19:30 UTC
  • Revision ID: teddy@recompile.se-20140622021930-icl7h4cm97blhjml
mandos-keygen: Generate "checker" option to use SSH fingerprints.

To turn this off, use a new "--no-ssh" option to mandos-keygen.

* INSTALL (Mandos Server, Mandos Client): Document new suggested
                                          installation of SSH.
* Makefile (confdir/clients.conf): Use new "--no-ssh" option to
                                   "mandos-keygen".
* debian/control (mandos/Depends): Changed to "fping | ssh-client".
  (mandos-client/Recommends): New; set to "ssh".
* intro.xml (FREQUENTLY ASKED QUESTIONS): Rename and rewrite section
                                          called "Faking ping
                                          replies?" to address new
                                          default behavior.
* mandos-clients.conf.xml (OPTIONS/checker): Briefly discuss new
                                             behavior of
                                             mandos-keygen.
* mandos-keygen: Bug fix: Suppress failure output of "shred" to remove
                 "sec*", since no such files may exist.
 (password mode): Scan for SSH key fingerprints and output as new
                  "checker" and "ssh_fingerprint" options, unless new
                  "--no-ssh" option is given.
* mandos-keygen.xml (SYNOPSIS/--force): Bug fix: Document short form.
  (OPTIONS/--no-ssh): New.
  (SEE ALSO): Add reference "ssh-keyscan(1)".
* plugins.d/mandos-client.xml (SECURITY): Briefly mention the
                                          possibility of using SSH key
                                          fingerprints for checking.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY VERSION "1.0">
5
4
<!ENTITY COMMANDNAME "password-prompt">
6
 
<!ENTITY TIMESTAMP "2008-09-06">
 
5
<!ENTITY TIMESTAMP "2012-01-01">
 
6
<!ENTITY % common SYSTEM "../common.ent">
 
7
%common;
7
8
]>
8
9
 
9
10
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
11
12
    <title>Mandos Manual</title>
12
13
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
13
14
    <productname>Mandos</productname>
14
 
    <productnumber>&VERSION;</productnumber>
 
15
    <productnumber>&version;</productnumber>
15
16
    <date>&TIMESTAMP;</date>
16
17
    <authorgroup>
17
18
      <author>
18
19
        <firstname>Björn</firstname>
19
20
        <surname>Påhlsson</surname>
20
21
        <address>
21
 
          <email>belorn@fukt.bsnet.se</email>
 
22
          <email>belorn@recompile.se</email>
22
23
        </address>
23
24
      </author>
24
25
      <author>
25
26
        <firstname>Teddy</firstname>
26
27
        <surname>Hogeborn</surname>
27
28
        <address>
28
 
          <email>teddy@fukt.bsnet.se</email>
 
29
          <email>teddy@recompile.se</email>
29
30
        </address>
30
31
      </author>
31
32
    </authorgroup>
32
33
    <copyright>
33
34
      <year>2008</year>
 
35
      <year>2009</year>
 
36
      <year>2011</year>
 
37
      <year>2012</year>
34
38
      <holder>Teddy Hogeborn</holder>
35
39
      <holder>Björn Påhlsson</holder>
36
40
    </copyright>
83
87
    <title>DESCRIPTION</title>
84
88
    <para>
85
89
      All <command>&COMMANDNAME;</command> does is prompt for a
86
 
      password and output any given password to standard output.  This
87
 
      is not very useful on its own.  This program is really meant to
88
 
      run as a plugin in the <application>Mandos</application>
89
 
      client-side system, where it is used as a fallback and
90
 
      alternative to retrieving passwords from a <application
91
 
      >Mandos</application> server.
 
90
      password and output any given password to standard output.
 
91
    </para>
 
92
    <para>
 
93
      This program is not very useful on its own.  This program is
 
94
      really meant to run as a plugin in the <application
 
95
      >Mandos</application> client-side system, where it is used as a
 
96
      fallback and alternative to retrieving passwords from a
 
97
      <application >Mandos</application> server.
92
98
    </para>
93
99
    <para>
94
100
      This program is little more than a <citerefentry><refentrytitle
179
185
    <title>ENVIRONMENT</title>
180
186
    <variablelist>
181
187
      <varlistentry>
182
 
        <term><envar>cryptsource</envar></term>
183
 
        <term><envar>crypttarget</envar></term>
 
188
        <term><envar>CRYPTTAB_SOURCE</envar></term>
 
189
        <term><envar>CRYPTTAB_NAME</envar></term>
184
190
        <listitem>
185
191
          <para>
186
192
            If set, these environment variables will be assumed to
288
294
  <refsect1 id="see_also">
289
295
    <title>SEE ALSO</title>
290
296
    <para>
 
297
      <citerefentry><refentrytitle>intro</refentrytitle>
 
298
      <manvolnum>8mandos</manvolnum></citerefentry>
291
299
      <citerefentry><refentrytitle>crypttab</refentrytitle>
292
300
      <manvolnum>5</manvolnum></citerefentry>
293
301
      <citerefentry><refentrytitle>mandos-client</refentrytitle>