projects
/
monkeysphere.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
actually ship new upstream changelog
[monkeysphere.git]
/
man
/
man8
/
monkeysphere-authentication.8
diff --git
a/man/man8/monkeysphere-authentication.8
b/man/man8/monkeysphere-authentication.8
index d3d3b952fd8bf3702c9876bbc3d1445ddb24cfcc..d891edaa9af7d92973bf0f0eee9f1aaf3e03efe2 100644
(file)
--- a/
man/man8/monkeysphere-authentication.8
+++ b/
man/man8/monkeysphere-authentication.8
@@
-1,4
+1,4
@@
-.TH MONKEYSPHERE-
SERVER "8" "March 2009" "monkeysphere" "User
Commands"
+.TH MONKEYSPHERE-
AUTHENTICATION "8" "January 2010" "monkeysphere" "System
Commands"
.SH NAME
.SH NAME
@@
-11,9
+11,9
@@
monkeysphere\-authentication - Monkeysphere authentication admin tool.
.SH DESCRIPTION
\fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust
.SH DESCRIPTION
\fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust
-(WoT) for
OpenSSH authentication. OpenPGP keys are tracked via GnuPG,
-and added to the authorized_keys and known_hosts files used by OpenSSH
-
for
connection authentication.
+(WoT) for
key-based authentication. OpenPGP keys are tracked via
+GnuPG, and added to the authorized_keys files used by OpenSSH for
+connection authentication.
\fBmonkeysphere\-authentication\fP is a Monkeysphere server admin
utility for configuring and managing SSH user authentication through
\fBmonkeysphere\-authentication\fP is a Monkeysphere server admin
utility for configuring and managing SSH user authentication through
@@
-37,6
+37,11
@@
monkeysphere-controlled authorized_keys file. If no accounts are
specified, then all accounts on the system are processed. `u' may be
used in place of `update\-users'.
.TP
specified, then all accounts on the system are processed. `u' may be
used in place of `update\-users'.
.TP
+.B refresh\-keys
+Refresh all keys in the monkeysphere-authentication keyring. If no
+accounts are specified, then all accounts on the system are processed.
+`r' may be used in place of `refresh\-keys'.
+.TP
.B add\-id\-certifier KEYID|FILE
Instruct system to trust user identity certifications made by KEYID.
The key ID will be loaded from the keyserver. A file may be loaded
.B add\-id\-certifier KEYID|FILE
Instruct system to trust user identity certifications made by KEYID.
The key ID will be loaded from the keyserver. A file may be loaded
@@
-160,6
+165,11
@@
raw authorized_keys file. %h gets replaced with the user's homedir,
.TP
MONKEYSPHERE_PROMPT
If set to `false', never prompt the user for confirmation. (true)
.TP
MONKEYSPHERE_PROMPT
If set to `false', never prompt the user for confirmation. (true)
+.TP
+MONKEYSPHERE_STRICT_MODES
+If set to `false', ignore too-loose permissions on known_hosts,
+authorized_keys, and authorized_user_ids files. NOTE: setting this to
+false may expose users to abuse by other users on the system. (true)
.SH FILES
.SH FILES