1
1
<?xml version='1.0' encoding='UTF-8'?>
2
<?xml-stylesheet type="text/xsl"
3
href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>
4
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
5
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
6
4
<!ENTITY VERSION "1.0">
7
5
<!ENTITY COMMANDNAME "mandos-keygen">
6
<!ENTITY OVERVIEW SYSTEM "overview.xml">
171
<refsect1 id="purpose">
172
<title>PURPOSE</title>
175
The purpose of this is to enable <emphasis>remote and unattended
176
rebooting</emphasis> of client host computer with an
177
<emphasis>encrypted root file system</emphasis>. See <xref
178
linkend="overview"/> for details.
172
183
<refsect1 id="options">
173
184
<title>OPTIONS</title>
270
<refsect1 id="overview">
271
<title>OVERVIEW</title>
274
This program is a small program to generate new OpenPGP keys for
259
279
<refsect1 id="exit_status">
260
280
<title>EXIT STATUS</title>
282
The exit status will be 0 if new keys were successfully created,
287
<refsect1 id="environment">
288
<title>ENVIRONMENT</title>
291
<term><varname>TMPDIR</varname></term>
294
If set, temporary files will be created here. See
295
<citerefentry><refentrytitle>mktemp</refentrytitle>
296
<manvolnum>1</manvolnum></citerefentry>.
265
303
<refsect1 id="file">
266
304
<title>FILES</title>
306
Use the <option>--dir</option> option to change where
307
<command>&COMMANDNAME;</command> will write the key files. The
308
default file names are shown here.
312
<term><filename>/etc/mandos/seckey.txt</filename></term>
315
OpenPGP secret key file which will be created or
321
<term><filename>/etc/mandos/pubkey.txt</filename></term>
324
OpenPGP public key file which will be created or
330
<term><filename>/tmp</filename></term>
333
Temporary files will be written here if
334
<varname>TMPDIR</varname> is not set.
271
341
<refsect1 id="bugs">
272
342
<title>BUGS</title>
344
None are known at this time.
277
<refsect1 id="examples">
278
<title>EXAMPLES</title>
348
<refsect1 id="example">
349
<title>EXAMPLE</title>
352
Normal invocation needs no options:
355
<userinput>mandos-keygen</userinput>
360
Create keys in another directory and of another type. Force
361
overwriting old key files:
365
<!-- do not wrap this line -->
366
<userinput>mandos-keygen --dir ~/keydir --type RSA --force</userinput>
283
372
<refsect1 id="security">
284
373
<title>SECURITY</title>
375
The <option>--type</option> and <option>--length</option>
376
options can be used to create keys of insufficient security. If
377
in doubt, leave them to the default values.
380
The key expire time is not guaranteed to be honored by
381
<citerefentry><refentrytitle>mandos</refentrytitle>
382
<manvolnum>8</manvolnum></citerefentry>.