Improved gen-key function for server.

[monkeysphere.git] / man / man8 / monkeysphere-server.8

diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8
index 3073adc698ca28a69432afcd3e1484acadae3bbf..2b5af5ec574f936bdcc4359808f227c7c1ccb6cb 100644 (file)
--- a/man/man8/monkeysphere-server.8
+++ b/man/man8/monkeysphere-server.8
@@ -51,6 +51,25 @@ in place of `trust-keys'.
 Output a brief usage summary.  `h' or `?' may be used in place of
 `help'.
 
+.SH SETUP
+
+In order to start using the monkeysphere, there are a couple of things
+you need to do first.  The first is to generate an OpenPGP key for the
+server and convert that key to an ssh key that can be used by ssh for
+host authentication.  To do this, run the "gen-key" subcommand.  Once
+that is done, publish the key to a keyserver with "publish-key"
+subcommand.  Finally, you need to modify the sshd_config to tell sshd
+where the new server host key:
+
+HostKey /etc/monkeysphere/ssh_host_rsa_key
+
+If the server will also handle user authentication through
+monkeysphere-generated authorized_keys files, set the following:
+
+AuthorizedKeysFile /var/cache/monkeysphere/authorized_keys/%u
+
+Once those changes are made, restart the ssh server.
+
 .SH FILES
 
 .TP
@@ -63,6 +82,9 @@ System-wide monkeysphere config file.
 /etc/monkeysphere/gnupg
 Monkeysphere GNUPG home directory.
 .TP
+/etc/monkeysphere/ssh_host_rsa_key
+Copy of the host's private key in ssh format, suitable for use by sshd.
+.TP
 /etc/monkeysphere/authorized_user_ids/USER
 Server maintained authorized_user_ids files for users.
 .TP