/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-clients.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2017-02-21 21:42:08 UTC
  • Revision ID: teddy@recompile.se-20170221214208-09wu1p4l2hjhqfoj
Use "read -r" in shell scripts to avoid backslash escapes

* initramfs-tools-hook: Use "read -r" to read filenames from network
  hook given the "files" argument.
* initramfs-tools-script: Use "read -e" when parsing
  "/conf/conf.d/cryptroot".
* mandos-keygen (keygen): Use "read -r" when reading passphrase.

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY CONFNAME "mandos-clients.conf">
5
5
<!ENTITY CONFPATH "<filename>/etc/mandos/clients.conf</filename>">
6
 
<!ENTITY TIMESTAMP "2013-10-15">
 
6
<!ENTITY TIMESTAMP "2016-06-23">
7
7
<!ENTITY % common SYSTEM "common.ent">
8
8
%common;
9
9
]>
37
37
      <year>2010</year>
38
38
      <year>2011</year>
39
39
      <year>2012</year>
 
40
      <year>2013</year>
 
41
      <year>2014</year>
 
42
      <year>2015</year>
 
43
      <year>2016</year>
40
44
      <holder>Teddy Hogeborn</holder>
41
45
      <holder>Björn Påhlsson</holder>
42
46
    </copyright>
177
181
            <varname>PATH</varname> will be searched.  The default
178
182
            value for the checker command is <quote><literal
179
183
            ><command>fping</command> <option>-q</option> <option
180
 
            >--</option> %%(host)s</literal></quote>.
 
184
            >--</option> %%(host)s</literal></quote>.  Note that
 
185
            <command>mandos-keygen</command>, when generating output
 
186
            to be inserted into this file, normally looks for an SSH
 
187
            server on the Mandos client, and, if it find one, outputs
 
188
            a <option>checker</option> option to check for the
 
189
            client’s key fingerprint – this is more secure against
 
190
            spoofing.
181
191
          </para>
182
192
          <para>
183
193
            In addition to normal start time expansion, this option
220
230
          <para>
221
231
            This option sets the OpenPGP fingerprint that identifies
222
232
            the public key that clients authenticate themselves with
223
 
            through TLS.  The string needs to be in hexidecimal form,
 
233
            through TLS.  The string needs to be in hexadecimal form,
224
234
            but spaces or upper/lower case are not significant.
225
235
          </para>
226
236
        </listitem>
453
463
      <literal>%(<replaceable>foo</replaceable>)s</literal> is
454
464
      obscure.
455
465
    </para>
 
466
    <xi:include href="bugs.xml"/>
456
467
  </refsect1>
457
468
  
458
469
  <refsect1 id="example">