used in place of `update-users'.
.TP
.B gen-key [HOSTNAME]
-Generate a OpenPGP key pair for the host. If HOSTNAME is not
-specified, then the system fully-qualified domain name will be user.
-An alternate key bit length can be specified with the `-l' or
-`--length' option (default 2048). An expiration length can be
-specified with the `-e' or `--expire' option (prompt otherwise). A
-key revoker fingerprint can be specified with the `-r' or `--revoker'
-option. `g' may be used in place of `gen-key'.
-.TP
-.B show-fingerprint
-Show the fingerprint for the host's OpenPGP key. `f' may be used in place of
-`show-fingerprint'.
+Generate a OpenPGP key for the host. If HOSTNAME is not specified,
+then the system fully-qualified domain name will be user. An
+alternate key bit length can be specified with the `-l' or `--length'
+option (default 2048). An expiration length can be specified with the
+`-e' or `--expire' option (prompt otherwise). The expiration format
+is the same as that of \fBextend-key\fP, below. A key revoker
+fingerprint can be specified with the `-r' or `--revoker' option. `g'
+may be used in place of `gen-key'.
+.TP
+.B extend-key EXPIRE
+Extend the validity of the OpenPGP key for the host until EXPIRE from
+the present. If EXPIRE is not specified, then the user will be
+prompted for the extension term. Expiration is specified like GnuPG
+does:
+.nf
+ 0 = key does not expire
+ <n> = key expires in n days
+ <n>w = key expires in n weeks
+ <n>m = key expires in n months
+ <n>y = key expires in n years
+.fi
+`e' may be used in place of `extend-key'.
+.TP
+.B add-hostname HOSTNAME
+Add a hostname user ID to the server host key. `n+' may be used in
+place of `add-hostname'.
+.TP
+.B revoke-hostname HOSTNAME
+Revoke a hostname user ID from the server host key. `n-' may be used
+in place of `revoke-hostname'.
+.TP
+.B show-key
+Output gpg information about host's OpenPGP key. `s' may be used in
+place of `show-key'.
.TP
.B publish-key
Publish the host's OpenPGP key to the keyserver. `p' may be used in
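Review bot: in the new extend-key entry, the synopsis `.B extend-key EXPIRE` presents EXPIRE as mandatory, but the description says the user is prompted when EXPIRE is not specified; write it as `.B extend-key [EXPIRE]`, matching `gen-key [HOSTNAME]`. The rewritten gen-key paragraph also carries over "a OpenPGP" and "will be user" from the old text (should read "an OpenPGP" and "will be used"). Since show-fingerprint and its `f` shorthand are removed here, the show-key entry should say whether its output includes the key fingerprint, so readers know where to get it now.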
based on the appropriately signed and valid keys associated with user
IDs listed in the authorized_user_ids file of the local user. By
default, the authorized_user_ids file for local users is found in
-~/.config/monkeysphere/authorized_user_ids. This can be changed in
-the monkeysphere-server.conf file.
+~/.monkeysphere/authorized_user_ids. This can be changed in the
+monkeysphere-server.conf file.
The \fBupdate-users\fP command can then be used to generate
authorized_keys file for local users based on the authorized user IDs
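Review bot: the default location changes from ~/.config/monkeysphere/authorized_user_ids to ~/.monkeysphere/authorized_user_ids with nothing said for existing installations. This file determines which user IDs are used to build a local user's authorized_keys, so the text should state what happens to a file left at the old path (migrated, still read, or ignored), or tell administrators to move it or set the path explicitly in monkeysphere-server.conf.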
the monkeysphere-server.conf configuration file (defaults in
parentheses):
.TP
+MONKEYSPHERE_LOG_LEVEL
+Set the log level (INFO). Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in
+increasing order of verbosity.
+.TP
MONKEYSPHERE_KEYSERVER
OpenPGP keyserver to use (subkeys.pgp.net).
.TP
MONKEYSPHERE_AUTHORIZED_USER_IDS
Path to user authorized_user_ids file
-(%h/.config/monkeysphere/authorized_user_ids).
+(%h/.monkeysphere/authorized_user_ids).
.TP
MONKEYSPHERE_RAW_AUTHORIZED_KEYS
Path to user-controlled authorized_keys file. `-' means not to add
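Review bot: the MONKEYSPHERE_LOG_LEVEL entry puts its default, (INFO), in the middle of the description, while the neighbouring entries end with it, as in `OpenPGP keyserver to use (subkeys.pgp.net).`; move the default to the end of the entry so the "defaults in parentheses" convention reads the same throughout the list. The `%h/.monkeysphere/authorized_user_ids` default in this hunk is consistent with the path change in the earlier section.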