X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman8%2Fmonkeysphere-authentication.8;h=38df65dbf396d659dfe6efe23ebaad303aba9241;hb=39996655a57ca3167e733d0a0457941ae4060270;hp=9b8baa9960d7d1940c9519dd6b25ebe38682bc7a;hpb=a2a3d02d1aaf2d3dae3afea90c85cd6ca9f7ce4d;p=monkeysphere.git diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8 index 9b8baa9..38df65d 100644 --- a/man/man8/monkeysphere-authentication.8 +++ b/man/man8/monkeysphere-authentication.8 @@ -21,13 +21,7 @@ authentication. .SH SUBCOMMANDS -\fBmonkeysphere-authentication\fP takes various subcommands. -.TP -.B setup -Setup the server for Monkeysphere user authentication. This command -is idempotent, which means it can be run multiple times to make sure -the setup is correct, without adversely affecting existing setups. -`s' may be used in place of `setup'. +\fBmonkeysphere-authentication\fP takes various subcommands: .TP .B update-users [ACCOUNT]... Rebuild the monkeysphere-controlled authorized_keys files. For each @@ -62,6 +56,21 @@ Instruct system to ignore user identity certifications made by KEYID. List key IDs trusted by the system to certify user identities. `c' may be used in place of `list-id-certifiers'. .TP +.B help +Output a brief usage summary. `h' or `?' may be used in place of +`help'. +.TP +.B version +show version number + +Other commands: +.TP +.B setup +Setup the server for Monkeysphere user authentication. This command +is idempotent and run automatically by the other commands, and should +therefore not usually need to be run manually. `s' may be used in +place of `setup'. +.TP .B diagnostics Review the state of the server with respect to authentication. `d' may be used in place of `diagnostics'. @@ -72,13 +81,6 @@ authentication "sphere" keyring. This takes a single argument (multiple gpg arguments need to be quoted). Use this command with caution, as modifying the authentication sphere keyring can affect ssh user authentication. -.TP -.B help -Output a brief usage summary. `h' or `?' may be used in place of -`help'. -.TP -.B version -show version number .SH SETUP USER AUTHENTICATION @@ -129,22 +131,29 @@ The following environment variables will override those specified in the config file (defaults in parentheses): .TP MONKEYSPHERE_MONKEYSPHERE_USER -User to control authentication keychain (monkeysphere). +User to control authentication keychain. (monkeysphere) .TP MONKEYSPHERE_LOG_LEVEL -Set the log level (INFO). Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in -increasing order of verbosity. +Set the log level. Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in +increasing order of verbosity. (INFO) .TP MONKEYSPHERE_KEYSERVER -OpenPGP keyserver to use (pool.sks-keyservers.net). +OpenPGP keyserver to use. (pool.sks-keyservers.net) .TP MONKEYSPHERE_AUTHORIZED_USER_IDS -Path to user authorized_user_ids file -(%h/.monkeysphere/authorized_user_ids). +Path to user's authorized_user_ids file. %h gets replaced with the +user's homedir, %u with the username. +(%h/.monkeysphere/authorized_user_ids) .TP MONKEYSPHERE_RAW_AUTHORIZED_KEYS -Path to user-controlled authorized_keys file. `-' means not to add -user-controlled file (%h/.ssh/authorized_keys). +Path to regular ssh-style authorized_keys file to append to +monkeysphere-generated authorized_keys. `none' means not to add any +raw authorized_keys file. %h gets replaced with the user's homedir, +%u with the username. (%h/.ssh/authorized_keys) +.TP +MONKEYSPHERE_PROMPT +If set to `false', never prompt the user for confirmation. (true) + .SH FILES @@ -152,7 +161,7 @@ user-controlled file (%h/.ssh/authorized_keys). /etc/monkeysphere/monkeysphere-authentication.conf System monkeysphere-authentication config file. .TP -/var/lib/monkeysphere/authentication/authorized_keys/USER +/var/lib/monkeysphere/authorized_keys/USER Monkeysphere-generated user authorized_keys files. .SH AUTHOR