Allow for passing CHECK_KEYSERVER variable to proxycommand

[monkeysphere.git] / etc / monkeysphere.conf

diff --git a/etc/monkeysphere.conf b/etc/monkeysphere.conf
index f2ba4a78c12c6b0e8377ac4d27da1d9e51d3ab4b..aa3a6640bd129eb893fc0aa8c17a8aa77741e430 100644 (file)
--- a/etc/monkeysphere.conf
+++ b/etc/monkeysphere.conf
@@ -9,14 +9,13 @@
 # GPG keyserver to search for keys
 #KEYSERVER=subkeys.pgp.net
 
-# Required key capabilities
-# Must be quoted, lowercase, space-seperated list of the following:
-#   e = encrypt
-#   s = sign
-#   c = certify
-#   a = authentication
-#REQUIRED_HOST_KEY_CAPABILITY="a"
-#REQUIRED_USER_KEY_CAPABILITY="a"
+# Set whether or not to check keyservers at every monkeysphere
+# interaction, including all ssh connections if you use the
+# monkeysphere-ssh-proxycommand.
+# NOTE: setting CHECK_KEYSERVER to true will leak information about
+# the timing and frequency of your ssh connections to the maintainer
+# of the keyserver.
+#CHECK_KEYSERVER=true
 
 # ssh known_hosts file
 #KNOWN_HOSTS=~/.ssh/known_hosts
@@ -25,9 +24,5 @@
 # Should be "true" or "false"
 #HASH_KNOWN_HOSTS=true
 
-# ssh authorized_keys file
-#AUTHORIZED_KEYS=~/.ssh/known_hosts
-
-# This overrides other environment variables
-# NOTE: there is leakage
-#CHECK_KEYRING=true
+# ssh authorized_keys file (FIXME: why is this relevant in this file?)
+#AUTHORIZED_KEYS=~/.ssh/authorized_keys