From 5fadec09dcd44c4dcad657a0f3d96878b592b77b Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 10 Jul 2008 14:30:21 -0400 Subject: Update man pages, and tweak default error return code. --- man/man8/monkeysphere-server.8 | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'man/man8/monkeysphere-server.8') diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index f33ffea..0e699b9 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -38,7 +38,11 @@ used in place of `update-users'. .B gen-key [HOSTNAME] Generate a OpenPGP key pair for the host. If HOSTNAME is not specified, then the system fully-qualified domain name will be user. -`g' may be used in place of `gen-key'. +An alternate key bit length can be specified with the `-l' or +`--length' option (default 2048). An expiration length can be +specified with the `-e' or `--expire' option (prompt otherwise). A +key revoker fingerprint can be specified with the `-r' or `--revoker' +option. `g' may be used in place of `gen-key'. .TP .B show-fingerprint Show the fingerprint for the host's OpenPGP key. `f' may be used in place of @@ -50,7 +54,11 @@ place of `publish-key'. .TP .B add-identity-certifier KEYID Instruct system to trust user identity certifications made by KEYID. -`a' may be used in place of `add-identity-certifier'. +A certifier domain can be specified with the `-n' or `--domain' +option. A certifier trust level can be specified with the `-t' or +`--trust' option (default is `full'). A certifier trust depth can be +specified with the `-d' or `--depth' option (default is 1). `a' may +be used in place of `add-identity-certifier'. .TP .B remove-identity-certifier KEYID Instruct system to ignore user identity certifications made by KEYID. @@ -125,6 +133,26 @@ It is recommended to add "monkeysphere-server update-users" to a system crontab, so that user keys are kept up-to-date, and key revokations and expirations can be processed in a timely manor. +.SH ENVIRONMENT + +The following environment variables will override those specified in +the monkeysphere-server.conf configuration file (defaults in +parentheses): +.TP +MONKEYSPHERE_KEYSERVER +OpenPGP keyserver to use (subkeys.pgp.net). +.TP +MONKEYSPHERE_AUTHORIZED_USER_IDS +Path to user authorized_user_ids file +(%h/.config/monkeysphere/authorized_user_ids). +.TP +MONKEYSPHERE_RAW_AUTHORIZED_KEYS +Path to user-controlled authorized_keys file. `-' means not to add +user-controlled file (%h/.ssh/authorized_keys). +.TP +MONKEYSPHERE_MONKEYSPHERE_USER +User to control authentication keychain (monkeypshere). + .SH FILES .TP -- cgit v1.2.3