ikiwiki reasonably refuses to follow symlinks, so rather than symlink

[monkeysphere.git] / doc / README.admin

diff --git a/doc/README.admin b/doc/README.admin
index 25a7a806f6d4268ee1e2713d6d7886f1f254ee35..e97c7944e0ea99af7cbba8bac2ed7229a9c2452d 100644 (file)
--- a/doc/README.admin
+++ b/doc/README.admin
@@ -4,30 +4,31 @@ Monkeysphere Server Administrator README
 FIXME: distinguish between publishing a new monkeysphere-enabled host
 key and accepting user identification via the web-of-trust.
 
+
 server service publication
 --------------------------
 To publish a server host key:
 
-# monkeysphere-server gen-key
-# monkeysphere-server publish-key
+               # monkeysphere-server gen-key
+               # monkeysphere-server publish-key
 
 This will generate the key for server with the service URI
 (ssh://server.hostname).  The server admin should now sign the server
 key so that people in the admin's web of trust can authenticate the
 server without manual host key checking:
 
-$ gpg --search ='ssh://server.hostname'
-$ gpg --sign-key ='ssh://server.hostname'
+               $ gpg --search ='ssh://server.hostname'
+               $ gpg --sign-key ='ssh://server.hostname'
 
 
 Update OpenSSH configuration files
 ----------------------------------
 
-To use the newly-generated host key for ssh connections, Put the
+To use the newly-generated host key for ssh connections, put the
 following line in /etc/ssh/sshd_config (be sure to remove references
 to any other key):
 
-HostKey /var/lib/monkeysphere/ssh_host_rsa_key
+               HostKey /var/lib/monkeysphere/ssh_host_rsa_key
 
 FIXME: should we just suggest symlinks in the filesystem here instead?
 
@@ -37,8 +38,7 @@ To enable users to use the monkeysphere to authenticate against the
 web-of-trust, add this line to /etc/ssh/sshd_config (again, making
 sure that no other AuthorizedKeysFile directive exists):
 
-AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
-
+               AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u
 
 
 MonkeySphere authorized_keys maintenance
@@ -50,7 +50,7 @@ users.
 For each user account on the server, the userids of people authorized
 to log into that account would be placed in:
 
-  ~/.config/monkeysphere/authorized_user_ids
+               ~/.config/monkeysphere/authorized_user_ids
 
 However, in order for users to become authenticated, the server must
 determine that the user keys have "full" validity.  This means that
@@ -59,17 +59,17 @@ connecting user's key would validate the user.  This would generally be
 the server admin.  If the server admin's keyid is XXXXXXXX, then on
 the server run:
 
-# monkeysphere-server add-identity-certifier XXXXXXXX
+               # monkeysphere-server add-identity-certifier XXXXXXXX
 
 To update the monkeysphere authorized_keys file for user "bob", the
 system would then run the following:
 
-# monkeysphere-server update-users bob
+               # monkeysphere-server update-users bob
 
 To update the monkeysphere authorized_keys file for all users on the
 the system, run the same command with no arguments:
 
-# monkeysphere-server update-users
+               # monkeysphere-server update-users
 
 You probably want to set up a regularly scheduled job (e.g. with cron)
 to take care of this regularly.