X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=etc%2Fmonkeysphere.conf;h=cce936665830de5992f40e37f5d47bbf84406481;hb=91bf57bac7bed32937c13595044158007e7b5812;hp=d478b9315843ddb0cd93437494e322dff038d642;hpb=07cb14cdb80ef060e63ba2713ef70b67db9f5783;p=monkeysphere.git

diff --git a/etc/monkeysphere.conf b/etc/monkeysphere.conf
index d478b93..cce9366 100644
--- a/etc/monkeysphere.conf
+++ b/etc/monkeysphere.conf
@@ -3,33 +3,36 @@
 # This is an sh-style shell configuration file.  Variable names should
 # be separated from their assignements by a single '=' and no spaces.
 
-# authorized_user_ids file
-#AUTHORIZED_USER_IDS=~/.config/monkeysphere/authorized_user_ids
-
 # GPG home directory
 #GNUPGHOME=~/.gnupg
 
 # GPG keyserver to search for keys
 #KEYSERVER=subkeys.pgp.net
 
+# FIXME: consider removing REQUIRED_*_KEY_CAPABILITY entirely from
+# this example config, given our discussion
 # Required key capabilities
 # Must be quoted, lowercase, space-seperated list of the following:
 #   e = encrypt
 #   s = sign
 #   c = certify
 #   a = authentication
-#REQUIRED_HOST_KEY_CAPABILITY="e a"
+#REQUIRED_HOST_KEY_CAPABILITY="a"
 #REQUIRED_USER_KEY_CAPABILITY="a"
 
-# Path to user-controlled authorized_keys file to add to
-# Monkeysphere-generated authorized_keys file. If empty, then no
-# user-controlled file will be added.
-#USER_CONTROLLED_AUTHORIZED_KEYS=~/.ssh/authorized_keys
+# ssh known_hosts file
+#KNOWN_HOSTS=~/.ssh/known_hosts
 
-# User known_hosts file
-#USER_KNOWN_HOSTS=~/.ssh/known_hosts
+# Whether or not to hash the generated known_hosts lines.
+# Should be "true" or "false"
+#HASH_KNOWN_HOSTS=true
 
-# Whether or not to hash the generated known_hosts lines
-# (empty mean "no").
-#HASH_KNOWN_HOSTS=
+# ssh authorized_keys file (FIXME: why is this relevant in this file?)
+#AUTHORIZED_KEYS=~/.ssh/known_hosts
 
+# check keyservers at every ssh connection:
+# This overrides other environment variables (FIXME: what does this mean???)
+# NOTE: setting CHECK_KEYSERVER to true will leak information about
+# the timing and frequency of your ssh connections to the maintainer
+# of the keyserver.
+#CHECK_KEYSERVER=true