diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8
index f207e2c..29c7b6a 100644
--- man/man8/monkeysphere-server.8
+++ man/man8/monkeysphere-server.8
@@ -128,7 +128,7 @@ command to push the key to a keyserver. You must also modify the sshd_config on the server to tell sshd where the new server host key is located:
-HostKey /var/lib/monkeysphere/ssh_host_rsa_key
+HostKey /var/monkeysphere/ssh_host_rsa_key
 In order for users logging into the system to be able to verify the host via the monkeysphere, at least one person (e.g. a server admin)
@@ -170,7 +170,7 @@ users. You must also tell sshd to look at the monkeysphere-generated authorized_keys file for user authentication by setting the following in the sshd_config:
-AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
+AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
 It is recommended to add "monkeysphere-server update-users" to a system crontab, so that user keys are kept up-to-date, and key
@@ -209,17 +209,17 @@ System monkeysphere-server config file. /etc/monkeysphere/monkeysphere.conf System-wide monkeysphere config file. .TP
-/var/lib/monkeysphere/authorized_keys/USER
+/var/monkeysphere/authorized_keys/USER
 Monkeysphere-generated user authorized_keys files. .TP
-/var/lib/monkeysphere/ssh_host_rsa_key
+/var/monkeysphere/ssh_host_rsa_key
 Copy of the host's private key in ssh format, suitable for use by sshd. .TP
-/var/lib/monkeysphere/gnupg-host
+/var/monkeysphere/gnupg-host
 Monkeysphere host GNUPG home directory. .TP
-/var/lib/monkeysphere/gnupg-authentication
+/var/monkeysphere/gnupg-authentication
 Monkeysphere authentication GNUPG home directory. .SH AUTHOR
diff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn
index 6c8ad53..67fdda1 100644
--- doc/getting-started-admin.mdwn
+++ doc/getting-started-admin.mdwn
@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections, put the following line in `/etc/ssh/sshd_config` (be sure to remove references to any other keys):
- HostKey /var/lib/monkeysphere/ssh_host_rsa_key
+ HostKey /var/monkeysphere/ssh_host_rsa_key
 FIXME: should we just suggest symlinks in the filesystem here instead?
@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate using the OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again, making sure that no other AuthorizedKeysFile directive exists):
- AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
+ AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u
 And then read the section below about how to ensure these files are maintained. You'll need to restart `sshd` to have your changes take
--- src/monkeysphere-server.orig 2008-10-25 18:01:19.000000000 -0400
+++ src/monkeysphere-server 2008-10-25 18:01:24.000000000 -0400
@@ -17,7 +17,7 @@ export SYSSHAREDIR . "${SYSSHAREDIR}/common" || exit 1
-SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
+SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}
 export SYSDATADIR # UTC date in ISO 8601 format if needed
--- etc/gnupg-authentication.conf.orig 2008-10-25 18:02:58.000000000 -0400
+++ etc/gnupg-authentication.conf 2008-10-25 18:03:04.000000000 -0400
@@ -4,8 +4,8 @@ # It is highly recommended that you # DO NOT MODIFY # these variables.
-primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg
-keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg
+primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg
+keyring /var/monkeysphere/gnupg-host/pubring.gpg
 # PGP keyserver to use for PGP queries. keyserver hkp://pgp.mit.edu
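Review bot: The new default in `SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"}` moves the directory that holds the host private key and the per-user authorized_keys files, and nothing in this hunk handles a host that already has state under /var/lib/monkeysphere. If that case can occur, an sshd_config that still names the old path would keep reading authorized_keys files that `update-users` no longer refreshes, so key revocations would stop taking effect without any error. I would add a comment above the assignment such as `# sshd_config HostKey and AuthorizedKeysFile must point under SYSDATADIR; re-check them whenever this default changes`. Whether the new directory is created root-owned and not group- or world-writable is not visible here and is worth confirming, since the rest of the script lies outside the hunk.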
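Review bot: The `primary-keyring` and `keyring` lines hard-code /var/monkeysphere, while src/monkeysphere-server in the same patch still lets `MONKEYSPHERE_SYSDATADIR` override the directory. When the override is set, this file would presumably keep pointing GnuPG at keyrings under the default path, so authentication decisions could be made against a keyring other than the one the script maintains. A comment next to the DO NOT MODIFY block would make the coupling explicit, for example `# These paths must match SYSDATADIR in monkeysphere-server (default /var/monkeysphere).`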