X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman1%2Fmonkeysphere.1;h=4d8eab649aca5570405352610d56771995391a4d;hb=dd71f5ec4a69c58f894f4f6961ca3786a192bc62;hp=5badaa9be70e6d52f8b045f74cb9de9bf7a9be63;hpb=8e5e66add8fdaada67288464750bc86fdb633b40;p=monkeysphere.git diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 5badaa9..4d8eab6 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -11,9 +11,11 @@ monkeysphere - Monkeysphere client user interface .SH DESCRIPTION \fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust -for OpenSSH authentication. OpenPGP keys are tracked via GnuPG, and -added to the authorized_keys and known_hosts files used by OpenSSH for -connection authentication. +for OpenSSH and TLS key-based authentication. OpenPGP keys are +tracked via GnuPG, and added to the authorized_keys and known_hosts +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a validation agent to validate TLS connections +(e.g. https). \fBmonkeysphere\fP is the Monkeysphere client utility. @@ -130,6 +132,10 @@ place of `subkey\-to\-ssh\-agent'. Output the ssh fingerprint of a key in your gpg keyring. `f' may be used in place of `fingerprint'. .TP +.B keys\-for\-userid USERID +Output to stdout all acceptable keys for a given user ID literal. +`u' may be used in place of `keys\-for\-userid'. +.TP .B version Show the monkeysphere version number. `v' may be used in place of `version'. 
@@ -168,6 +174,11 @@ Path to ssh authorized_keys file. (~/.ssh/authorized_keys) MONKEYSPHERE_PROMPT If set to `false', never prompt the user for confirmation. (true) .TP +MONKEYSPHERE_STRICT_MODES +If set to `false', ignore too-loose permissions on known_hosts, +authorized_keys, and authorized_user_ids files. NOTE: setting this to +false may expose you to abuse by other users on the system. (true) +.TP MONKEYSPHERE_SUBKEYS_FOR_AGENT A space-separated list of authentication-capable subkeys to add to the ssh agent with subkey-to-ssh-agent. @@ -182,13 +193,15 @@ User monkeysphere config file. System-wide monkeysphere config file. .TP ~/.monkeysphere/authorized_user_ids -OpenPGP user IDs associated with keys that will be checked for -addition to the authorized_keys file. +A list of OpenPGP user IDs, one per line. OpenPGP keys with an +exactly-matching User ID (calculated valid by the designated identity +certifiers), will have any valid authorization-capable keys or subkeys +added to the given user's authorized_keys file. .SH AUTHOR Written by: -Jameson Rollins , +Jameson Rollins , Daniel Kahn Gillmor .SH SEE ALSO
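Review bot: In the DESCRIPTION hunk (@@ -11,9 +11,11 @@), "validation agent" is introduced without saying what it is or which monkeysphere subcommand it would call. Since this same patch adds keys-for-userid, name that subcommand here so a reader can see how a TLS validator is expected to obtain keys. As written, the paragraph only says that TLS validation is possible, not how.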
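Review bot: In the keys-for-userid entry (@@ -130,6 +132,10 @@), "all acceptable keys" leaves "acceptable" undefined, and neither the output format nor the exit status is documented. A caller that makes a trust decision from this output needs to know whether acceptable means the user ID is calculated valid by the trust model, what format each key is printed in, and what happens when no key qualifies (empty output with a zero exit status, or a non-zero status). Please also say whether "user ID literal" means the whole user ID string must match exactly, as the authorized_user_ids text later in this patch does.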
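Review bot: In the MONKEYSPHERE_STRICT_MODES entry (@@ -168,6 +174,11 @@), the text covers the `false' case but never says what the check is or what the command does when it fails under the default (true). Document which permissions count as too loose (for example group- or world-writable files, and whether parent directories are checked) and whether the offending file is skipped or the command aborts. The NOTE would also be clearer if it named the risk: another local user who can write to known_hosts, authorized_keys or authorized_user_ids can change which keys are accepted.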
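Review bot: In the ~/.monkeysphere/authorized_user_ids entry (@@ -182,13 +193,15 @@), "authorization-capable keys or subkeys" looks like it should be "authentication-capable", the term the MONKEYSPHERE_SUBKEYS_FOR_AGENT entry on this same page uses. "the given user's authorized_keys file" has no referent in this paragraph, since the file already lives under ~; "the user's" would do, and the comma after the closing parenthesis should be dropped. The AUTHOR line change in this hunk shows no visible difference in this rendering, so please confirm it is an intended edit and not a whitespace-only change.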