projects
/
monkeysphere.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
added FIXMEs to the configuration documentation: there are some pieces that need...
[monkeysphere.git]
/
etc
/
monkeysphere.conf
diff --git
a/etc/monkeysphere.conf
b/etc/monkeysphere.conf
index 385165a28a83e99e1d224999a747e9cc7029a76e..cce936665830de5992f40e37f5d47bbf84406481 100644
(file)
--- a/
etc/monkeysphere.conf
+++ b/
etc/monkeysphere.conf
@@
-1,7
+1,7
@@
# MonkeySphere system-wide client configuration file.
# MonkeySphere system-wide client configuration file.
-#
authorized_user_ids file
-#
AUTHORIZED_USER_IDS=~/.config/monkeysphere/authorized_user_ids
+#
This is an sh-style shell configuration file. Variable names should
+#
be separated from their assignements by a single '=' and no spaces.
# GPG home directory
#GNUPGHOME=~/.gnupg
# GPG home directory
#GNUPGHOME=~/.gnupg
@@
-9,23
+9,30
@@
# GPG keyserver to search for keys
#KEYSERVER=subkeys.pgp.net
# GPG keyserver to search for keys
#KEYSERVER=subkeys.pgp.net
+# FIXME: consider removing REQUIRED_*_KEY_CAPABILITY entirely from
+# this example config, given our discussion
# Required key capabilities
# Must be quoted, lowercase, space-seperated list of the following:
# e = encrypt
# s = sign
# c = certify
# a = authentication
# Required key capabilities
# Must be quoted, lowercase, space-seperated list of the following:
# e = encrypt
# s = sign
# c = certify
# a = authentication
-#REQUIRED_KEY_CAPABILITY="e a"
+#REQUIRED_HOST_KEY_CAPABILITY="a"
+#REQUIRED_USER_KEY_CAPABILITY="a"
-# Path to user-controlled authorized_keys file to add to
-# Monkeysphere-generated authorized_keys file. If empty, then no
-# user-controlled file will be added.
-#USER_CONTROLLED_AUTHORIZED_KEYS=~/.ssh/authorized_keys
+# ssh known_hosts file
+#KNOWN_HOSTS=~/.ssh/known_hosts
-# User known_hosts file
-#USER_KNOWN_HOSTS=~/.ssh/known_hosts
+# Whether or not to hash the generated known_hosts lines.
+# Should be "true" or "false"
+#HASH_KNOWN_HOSTS=true
-# Whether or not to hash the generated known_hosts lines
-# (empty mean "no").
-#HASH_KNOWN_HOSTS=
+# ssh authorized_keys file (FIXME: why is this relevant in this file?)
+#AUTHORIZED_KEYS=~/.ssh/known_hosts
+# check keyservers at every ssh connection:
+# This overrides other environment variables (FIXME: what does this mean???)
+# NOTE: setting CHECK_KEYSERVER to true will leak information about
+# the timing and frequency of your ssh connections to the maintainer
+# of the keyserver.
+#CHECK_KEYSERVER=true