/mandos/trunk : revision 84

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen.xml

Committer: Teddy Hogeborn
Date: 2008-08-17 22:42:28 UTC
Revision ID: teddy@fukt.bsnet.se-20080817224228-nhor2yuv230if01i

* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
                           not rely on a stylesheet declaration.

* mandos.xml: Removed <?xml-stylesheet>.  New entity "&OVERVIEW;"
              refers to "overview.xml". Changed all single quotes to
              double quotes for consistency.
  (DESCRIPTION): Use the term "TLS" and not "GnuTLS" for the protocol.
                 Refer to the "OVERVIEW" section for reason for IPv6
                 link-local addresses.
  (PURPOSE): Shortened a lot.  Refer to "OVERVIEW" section for details.
  (OVERVIEW): New section.  Include &OVERVIEW; and add a paragraph
              about what the role of this program is.
  (SECURITY/CLIENTS): Refer to the "CHECKING" section for details on
                      checking.
  (SEE ALSO): Changed from an <itemizedlist> to a <variablelist>.
              Added a short text for each entry.  Removed reference to
              plugin-runner(8mandos).  Add reference to RFC 4291 and
              RFC 4346.

* overview.xml: New file, containing a single <para>.  The idea is to
                use this in all the man pages.

* plugins.d/password-request.c: Updated comments about spurious
                                warnings.

files modified:
Makefile

TODO

mandos

mandos-keygen

mandos-keygen.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugins.d/password-prompt.xml

plugins.d/password-request.xml

Show diffs side-by-side

added added

removed removed

mandos-keygen.xml

<?xml version='1.0' encoding='UTF-8'?>

<?xml-stylesheet type="text/xsl"

href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos-keygen">

<!ENTITY OVERVIEW SYSTEM "overview.xml">

168

169

</para>

169

170

</refsect1>

170

171

172

<title>PURPOSE</title>

173

174

<para>

175

The purpose of this is to enable <emphasis>remote and unattended

176

rebooting</emphasis> of client host computer with an

177

<emphasis>encrypted root file system</emphasis>. See <xref

178

linkend="overview"/> for details.

179

</para>

180

181

</refsect1>

182

183

172

184

173

<title>OPTIONS</title>

185

174

267

256

</variablelist>

268

257

</refsect1>

269

258

270

271

<title>OVERVIEW</title>

272

&OVERVIEW;

273

<para>

274

This program is a small program to generate new OpenPGP keys for

275

new Mandos clients.

276

</para>

277

</refsect1>

278

279

259

280

260

<title>EXIT STATUS</title>

281

261

<para>

282

The exit status will be 0 if new keys were successfully created,

283

otherwise not.

284

262

</para>

285

263

</refsect1>

286

264

287

288

<title>ENVIRONMENT</title>

289

290

291

<term><varname>TMPDIR</varname></term>

292

293

<para>

294

If set, temporary files will be created here. See

295

<citerefentry><refentrytitle>mktemp</refentrytitle>

296

<manvolnum>1</manvolnum></citerefentry>.

297

</para>

298

</listitem>

299

</varlistentry>

300

</variablelist>

301

</refsect1>

302

303

265

304

266

<title>FILES</title>

305

267

<para>

306

Use the <option>--dir</option> option to change where

307

<command>&COMMANDNAME;</command> will write the key files. The

308

default file names are shown here.

309

268

</para>

310

311

312

<term><filename>/etc/mandos/seckey.txt</filename></term>

313

314

<para>

315

OpenPGP secret key file which will be created or

316

overwritten.

317

</para>

318

</listitem>

319

</varlistentry>

320

321

<term><filename>/etc/mandos/pubkey.txt</filename></term>

322

323

<para>

324

OpenPGP public key file which will be created or

325

overwritten.

326

</para>

327

</listitem>

328

</varlistentry>

329

330

331

332

<para>

333

Temporary files will be written here if

334

<varname>TMPDIR</varname> is not set.

335

</para>

336

</listitem>

337

</varlistentry>

338

</variablelist>

339

269

</refsect1>

340

270

341

271

342

272

343

273

<para>

344

None are known at this time.

345

274

</para>

346

275

</refsect1>

347

276

348

349

<title>EXAMPLE</title>

350

351

<para>

352

Normal invocation needs no options:

353

</para>

354

<para>

355

<userinput>mandos-keygen</userinput>

356

</para>

357

</informalexample>

358

359

<para>

360

Create keys in another directory and of another type. Force

361

overwriting old key files:

362

</para>

363

<para>

364

365

366

<userinput>mandos-keygen --dir ~/keydir --type RSA --force</userinput>

367

368

</para>

369

</informalexample>

277

278

<title>EXAMPLES</title>

279

<para>

280

</para>

370

281

</refsect1>

371

282

372

283

373

284

<title>SECURITY</title>

374

285

<para>

375

The <option>--type</option> and <option>--length</option>

376

options can be used to create keys of insufficient security. If

377

in doubt, leave them to the default values.

378

</para>

379

<para>

380

The key expire time is not guaranteed to be honored by

381

<citerefentry><refentrytitle>mandos</refentrytitle>

382

<manvolnum>8</manvolnum></citerefentry>.

383

286

</para>

384

287

</refsect1>

385

288

Older »