diff options
| author | Matt Goins <mjgoins@openflows.com> | 2009-02-20 11:42:10 -0500 |
|---|---|---|
| committer | Matt Goins <mjgoins@openflows.com> | 2009-02-20 11:42:10 -0500 |
| commit | d41fe28eb49e42d7773a223a43fd108913410c99 (patch) | |
| tree | a109a88b02089a3f328730a9aa394e3155fda916 /man/man8/monkeysphere-authentication.8 | |
| parent | 3b48f2e80fac8d0fc62537ed07b3d1f1946648cd (diff) | |
| parent | 9b47ae89c3840eb2af9a57a885e19ccbe36957d5 (diff) | |
Merge commit 'jrollins/master'
Diffstat (limited to 'man/man8/monkeysphere-authentication.8')
| -rw-r--r-- | man/man8/monkeysphere-authentication.8 | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8 index 4d453d3..361822d 100644 --- a/man/man8/monkeysphere-authentication.8 +++ b/man/man8/monkeysphere-authentication.8 @@ -37,8 +37,11 @@ monkeysphere-controlled authorized_keys file. If no accounts are specified, then all accounts on the system are processed. `u' may be used in place of `update-users'. .TP -.B add-id-certifier KEYID +.B add-id-certifier KEYID|FILE Instruct system to trust user identity certifications made by KEYID. +The key ID will be loaded from the keyserver. A file may be loaded +instead of pulling the key from the keyserver by specifying the path +to the file as the argument, or by specifying `-` to load from stdin. Using the `-n' or `--domain' option allows you to indicate that you only trust the given KEYID to make identifications within a specific domain (e.g. "trust KEYID to certify user identities within the @@ -131,22 +134,29 @@ The following environment variables will override those specified in the config file (defaults in parentheses): .TP MONKEYSPHERE_MONKEYSPHERE_USER -User to control authentication keychain (monkeysphere). +User to control authentication keychain. (monkeysphere) .TP MONKEYSPHERE_LOG_LEVEL -Set the log level (INFO). Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in -increasing order of verbosity. +Set the log level. Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in +increasing order of verbosity. (INFO) .TP MONKEYSPHERE_KEYSERVER -OpenPGP keyserver to use (pool.sks-keyservers.net). +OpenPGP keyserver to use. (pool.sks-keyservers.net) .TP MONKEYSPHERE_AUTHORIZED_USER_IDS -Path to user authorized_user_ids file -(%h/.monkeysphere/authorized_user_ids). +Path to user's authorized_user_ids file. %h gets replaced with the +user's homedir, %u with the username. +(%h/.monkeysphere/authorized_user_ids) .TP MONKEYSPHERE_RAW_AUTHORIZED_KEYS -Path to user-controlled authorized_keys file. `-' means not to add -user-controlled file (%h/.ssh/authorized_keys). +Path to regular ssh-style authorized_keys file to append to +monkeysphere-generated authorized_keys. `none' means not to add any +raw authorized_keys file. %h gets replaced with the user's homedir, +%u with the username. (%h/.ssh/authorized_keys) +.TP +MONKEYSPHERE_PROMPT +If set to `false', never prompt the user for confirmation. (true) + .SH FILES @@ -154,7 +164,7 @@ user-controlled file (%h/.ssh/authorized_keys). /etc/monkeysphere/monkeysphere-authentication.conf System monkeysphere-authentication config file. .TP -/var/lib/monkeysphere/authentication/authorized_keys/USER +/var/lib/monkeysphere/authorized_keys/USER Monkeysphere-generated user authorized_keys files. .SH AUTHOR |