1
<?xml version="1.0" encoding="UTF-8"?>
1
<?xml version='1.0' encoding='UTF-8'?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY VERSION "1.0">
5
5
<!ENTITY COMMANDNAME "mandos-keygen">
6
<!ENTITY OVERVIEW SYSTEM "overview.xml">
8
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
10
11
<title>&COMMANDNAME;</title>
11
<!-- NWalsh’s docbook scripts use this to generate the footer: -->
12
<!-- NWalsh's docbook scripts use this to generate the footer: -->
12
13
<productname>&COMMANDNAME;</productname>
13
14
<productnumber>&VERSION;</productnumber>
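Review bot: the OVERVIEW entity declared at line 6 (<!ENTITY OVERVIEW SYSTEM "overview.xml">) looks unused. The OVERVIEW section pulls the same file in with <xi:include href="overview.xml"/>, and no &OVERVIEW; reference is visible in this diff. Keep one inclusion mechanism: if XInclude is the intended one, drop the entity declaration.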
86
86
<replaceable>bits</replaceable></arg>
88
88
<group choice="opt">
89
<arg choice="plain"><option>--subtype</option>
90
<replaceable>type</replaceable></arg>
93
<arg choice="plain"><option>--sublength</option>
94
<replaceable>bits</replaceable></arg>
97
89
<arg choice="plain"><option>--name</option>
98
90
<replaceable>NAME</replaceable></arg>
128
120
<replaceable>bits</replaceable></arg>
130
122
<group choice="opt">
131
<arg choice="plain"><option>-s</option>
132
<replaceable>type</replaceable></arg>
135
<arg choice="plain"><option>-L</option>
136
<replaceable>bits</replaceable></arg>
139
123
<arg choice="plain"><option>-n</option>
140
124
<replaceable>NAME</replaceable></arg>
159
143
<command>&COMMANDNAME;</command>
160
144
<group choice="req">
161
<arg choice="plain"><option>-p</option></arg>
162
<arg choice="plain"><option>--password</option></arg>
165
<arg choice="plain"><option>--dir</option>
166
<replaceable>directory</replaceable></arg>
169
<arg choice="plain"><option>--name</option>
170
<replaceable>NAME</replaceable></arg>
174
<command>&COMMANDNAME;</command>
176
<arg choice="plain"><option>-h</option></arg>
177
<arg choice="plain"><option>--help</option></arg>
181
<command>&COMMANDNAME;</command>
183
<arg choice="plain"><option>-v</option></arg>
184
<arg choice="plain"><option>--version</option></arg>
145
<arg choice='plain'><option>-h</option></arg>
146
<arg choice='plain'><option>--help</option></arg>
150
<command>&COMMANDNAME;</command>
152
<arg choice='plain'><option>-v</option></arg>
153
<arg choice='plain'><option>--version</option></arg>
187
156
</refsynopsisdiv>
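Review bot: the -h/--help and -v/--version args in this synopsis appear once as choice="plain" and once as choice='plain'. The unchanged context lines here (group choice="opt", group choice="req", the --name arg) use double quotes, so keep the double-quoted form rather than leaving the file with mixed attribute quoting. The same goes for the two spellings of the XML declaration at the top.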
197
166
initrd image, but this, like most things, can be changed with
198
167
command line options.
201
It can also be used to generate ready-made sections for
202
<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
203
<manvolnum>5</manvolnum></citerefentry> using the
204
<option>--password</option> option.
208
171
<refsect1 id="purpose">
265
<term><literal>-s</literal>, <literal>--subtype
266
<replaceable>type</replaceable></literal></term>
269
Subkey type. Default is <quote>ELG-E</quote> (Elgamal
276
<term><literal>-L</literal>, <literal>--sublength
277
<replaceable>bits</replaceable></literal></term>
280
Subkey length in bits. Default is 2048.
286
227
<term><literal>-e</literal>, <literal>--email</literal>
287
228
<replaceable>address</replaceable></term>
327
<term><literal>-p</literal>, <literal>--password</literal
331
Prompt for a password and encrypt it with the key already
332
present in either <filename>/etc/mandos</filename> or the
333
directory specified with the <option>--dir</option>
334
option. Outputs, on standard output, a section suitable
335
for inclusion in <citerefentry><refentrytitle
336
>mandos-clients.conf</refentrytitle><manvolnum
337
>8</manvolnum></citerefentry>. The host name or the name
338
specified with the <option>--name</option> option is used
339
for the section header. All other options are ignored,
340
and no keys are created.
347
270
<refsect1 id="overview">
348
271
<title>OVERVIEW</title>
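Review bot: in the --password description the reference to mandos-clients.conf is given as manual section 8 (<manvolnum>8</manvolnum>), while the DESCRIPTION paragraph cites the same page as mandos-clients.conf(5). A configuration file format belongs in section 5, so change the manvolnum here to 5 to make the two citations agree.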
349
<xi:include href="overview.xml"/>
351
This program is a small utility to generate new OpenPGP keys for
274
This program is a small program to generate new OpenPGP keys for
352
275
new Mandos clients.
356
279
<refsect1 id="exit_status">
357
280
<title>EXIT STATUS</title>
359
The exit status will be 0 if new keys were successfully created,
364
<refsect1 id="environment">
365
<title>ENVIRONMENT</title>
368
<term><varname>TMPDIR</varname></term>
371
If set, temporary files will be created here. See
372
<citerefentry><refentrytitle>mktemp</refentrytitle>
373
<manvolnum>1</manvolnum></citerefentry>.
380
285
<refsect1 id="file">
381
286
<title>FILES</title>
383
Use the <option>--dir</option> option to change where
384
<command>&COMMANDNAME;</command> will write the key files. The
385
default file names are shown here.
389
<term><filename>/etc/mandos/seckey.txt</filename></term>
392
OpenPGP secret key file which will be created or
398
<term><filename>/etc/mandos/pubkey.txt</filename></term>
401
OpenPGP public key file which will be created or
407
<term><filename>/tmp</filename></term>
410
Temporary files will be written here if
411
<varname>TMPDIR</varname> is not set.
418
291
<refsect1 id="bugs">
419
292
<title>BUGS</title>
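Review bot: the TMPDIR and /tmp entries say where temporary files are written but not what they contain or whether they are removed on exit. Since this tool writes /etc/mandos/seckey.txt, state whether secret key material passes through those temporary files and how they are cleaned up, so an administrator can decide whether TMPDIR should point at a private directory.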
421
None are known at this time.
425
297
<refsect1 id="example">
426
298
<title>EXAMPLE</title>
429
Normal invocation needs no options:
432
<userinput>mandos-keygen</userinput>
437
Create keys in another directory and of another type. Force
438
overwriting old key files:
442
<!-- do not wrap this line -->
443
<userinput>mandos-keygen --dir ~/keydir --type RSA --force</userinput>
449
303
<refsect1 id="security">
450
304
<title>SECURITY</title>
452
The <option>--type</option>, <option>--length</option>,
453
<option>--subtype</option>, and <option>--sublength</option>
454
options can be used to create keys of insufficient security. If
455
in doubt, leave them to the default values.
458
The key expire time is not guaranteed to be honored by
459
<citerefentry><refentrytitle>mandos</refentrytitle>
460
<manvolnum>8</manvolnum></citerefentry>.
467
312
<citerefentry><refentrytitle>password-request</refentrytitle>
468
313
<manvolnum>8mandos</manvolnum></citerefentry>,
469
314
<citerefentry><refentrytitle>mandos</refentrytitle>
470
<manvolnum>8</manvolnum></citerefentry>,
315
<manvolnum>8</manvolnum></citerefentry>, and
471
316
<citerefentry><refentrytitle>gpg</refentrytitle>
472
317
<manvolnum>1</manvolnum></citerefentry>
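Review bot: in the SECURITY section, "The key expire time is not guaranteed to be honored by mandos(8)" leaves the reader unsure what can be relied on. Say what the server does with an expired key, or state outright that expiry must not be used as an access control, so the sentence gives an operator something to act on.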