From d263f30d4fe03d1976ecd899ba2482cb870c2a4d Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 21 Jun 2008 20:32:33 -0400 Subject: Improved gen-key function for server. Update TODO. --- man/man8/monkeysphere-server.8 | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'man/man8') diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 3073adc..2b5af5e 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -51,6 +51,25 @@ in place of `trust-keys'. Output a brief usage summary. `h' or `?' may be used in place of `help'. +.SH SETUP + +In order to start using the monkeysphere, there are a couple of things +you need to do first. The first is to generate an OpenPGP key for the +server and convert that key to an ssh key that can be used by ssh for +host authentication. To do this, run the "gen-key" subcommand. Once +that is done, publish the key to a keyserver with "publish-key" +subcommand. Finally, you need to modify the sshd_config to tell sshd +where the new server host key: + +HostKey /etc/monkeysphere/ssh_host_rsa_key + +If the server will also handle user authentication through +monkeysphere-generated authorized_keys files, set the following: + +AuthorizedKeysFile /var/cache/monkeysphere/authorized_keys/%u + +Once those changes are made, restart the ssh server. + .SH FILES .TP @@ -63,6 +82,9 @@ System-wide monkeysphere config file. /etc/monkeysphere/gnupg Monkeysphere GNUPG home directory. .TP +/etc/monkeysphere/ssh_host_rsa_key +Copy of the host's private key in ssh format, suitable for use by sshd. +.TP /etc/monkeysphere/authorized_user_ids/USER Server maintained authorized_user_ids files for users. .TP -- cgit v1.2.3