Update man pages, and tweak default error return code.

2 files changed, 56 insertions, 4 deletions

diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1
index 07cd3ea..05376d0 100644
--- a/man/man1/monkeysphere.1
+++ b/man/man1/monkeysphere.1
@@ -53,13 +53,37 @@ none were acceptable.  `a' may be used in place of
 .B gen-subkey KEYID
 Generate an authentication subkey.  For the primary key with the
 specified key ID, generate a subkey with "authentication" capability
-that can be used for monkeysphere transactions.  `g' may be used in
-place of `gen-subkey'.
+that can be used for monkeysphere transactions.  An expiration length
+can be specified with the `-e' or `--expire' option (prompt
+otherwise).  `g' may be used in place of `gen-subkey'.
 .TP
 .B help
 Output a brief usage summary.  `h' or `?' may be used in place of
 `help'.
 
+.SH ENVIRONMENT
+
+The following environment variables will override those specified in
+the monkeysphere.conf configuration file (defaults in parentheses):
+.TP
+MONKEYSPHERE_GNUPGHOME, GNUPGHOME
+GnuPG home directory (~/.gnupg).
+.TP
+MONKEYSPHERE_KEYSERVER
+OpenPGP keyserver to use (subkeys.pgp.net).
+.TP
+MONKEYSPHERE_CHECK_KEYSERVER
+Whether or not to check keyserver when making gpg queries (`true').
+.TP
+MONKEYSPHERE_KNOWN_HOSTS
+Path to ssh known_hosts file (~/.ssh/known_hosts).
+.TP
+MONKEYSPHERE_HASH_KNOWN_HOSTS
+Whether or not to hash to the known_hosts file entries (`true').
+.TP
+MONKEYSPHERE_AUTHORIZED_KEYS
+Path to ssh authorized_keys file (~/.ssh/authorized_keys).
+
 .SH FILES
 
 .TP
diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8
index f33ffea..0e699b9 100644
--- a/man/man8/monkeysphere-server.8
+++ b/man/man8/monkeysphere-server.8
@@ -38,7 +38,11 @@ used in place of `update-users'.
 .B gen-key [HOSTNAME]
 Generate a OpenPGP key pair for the host.  If HOSTNAME is not
 specified, then the system fully-qualified domain name will be user.
-`g' may be used in place of `gen-key'.
+An alternate key bit length can be specified with the `-l' or
+`--length' option (default 2048).  An expiration length can be
+specified with the `-e' or `--expire' option (prompt otherwise).  A
+key revoker fingerprint can be specified with the `-r' or `--revoker'
+option.  `g' may be used in place of `gen-key'.
 .TP
 .B show-fingerprint
 Show the fingerprint for the host's OpenPGP key.  `f' may be used in place of
@@ -50,7 +54,11 @@ place of `publish-key'.
 .TP
 .B add-identity-certifier KEYID
 Instruct system to trust user identity certifications made by KEYID.
-`a' may be used in place of `add-identity-certifier'.
+A certifier domain can be specified with the `-n' or `--domain'
+option.  A certifier trust level can be specified with the `-t' or
+`--trust' option (default is `full').  A certifier trust depth can be
+specified with the `-d' or `--depth' option (default is 1).  `a' may
+be used in place of `add-identity-certifier'.
 .TP
 .B remove-identity-certifier KEYID
 Instruct system to ignore user identity certifications made by KEYID.
@@ -125,6 +133,26 @@ It is recommended to add "monkeysphere-server update-users" to a
 system crontab, so that user keys are kept up-to-date, and key
 revokations and expirations can be processed in a timely manor.
 
+.SH ENVIRONMENT
+
+The following environment variables will override those specified in
+the monkeysphere-server.conf configuration file (defaults in
+parentheses):
+.TP
+MONKEYSPHERE_KEYSERVER
+OpenPGP keyserver to use (subkeys.pgp.net).
+.TP
+MONKEYSPHERE_AUTHORIZED_USER_IDS
+Path to user authorized_user_ids file
+(%h/.config/monkeysphere/authorized_user_ids).
+.TP
+MONKEYSPHERE_RAW_AUTHORIZED_KEYS
+Path to user-controlled authorized_keys file.  `-' means not to add
+user-controlled file (%h/.ssh/authorized_keys).
+.TP
+MONKEYSPHERE_MONKEYSPHERE_USER
+User to control authentication keychain (monkeypshere).
+
 .SH FILES
 
 .TP