X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman8%2Fmonkeysphere-authentication.8;h=d891edaa9af7d92973bf0f0eee9f1aaf3e03efe2;hb=d670eab60c0ce98bb9f4dc439f9bbd0452ee0d0a;hp=d3d3b952fd8bf3702c9876bbc3d1445ddb24cfcc;hpb=eb815bce0da27a24ad718c31b77e45032e3a5916;p=monkeysphere.git

diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8
index d3d3b95..d891eda 100644
--- a/man/man8/monkeysphere-authentication.8
+++ b/man/man8/monkeysphere-authentication.8
@@ -1,4 +1,4 @@
-.TH MONKEYSPHERE-SERVER "8" "March 2009" "monkeysphere" "User Commands"
+.TH MONKEYSPHERE-AUTHENTICATION "8" "January 2010" "monkeysphere" "System Commands"
 
 .SH NAME
 
@@ -11,9 +11,9 @@ monkeysphere\-authentication - Monkeysphere authentication admin tool.
 .SH DESCRIPTION
 
 \fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust
-(WoT) for OpenSSH authentication.  OpenPGP keys are tracked via GnuPG,
-and added to the authorized_keys and known_hosts files used by OpenSSH
-for connection authentication.
+(WoT) for key-based authentication.  OpenPGP keys are tracked via
+GnuPG, and added to the authorized_keys files used by OpenSSH for
+connection authentication.
 
 \fBmonkeysphere\-authentication\fP is a Monkeysphere server admin
 utility for configuring and managing SSH user authentication through
@@ -37,6 +37,11 @@ monkeysphere-controlled authorized_keys file.  If no accounts are
 specified, then all accounts on the system are processed.  `u' may be
 used in place of `update\-users'.
 .TP
+.B refresh\-keys
+Refresh all keys in the monkeysphere-authentication keyring.  If no
+accounts are specified, then all accounts on the system are processed.
+`r' may be used in place of `refresh\-keys'.
+.TP
 .B add\-id\-certifier KEYID|FILE
 Instruct system to trust user identity certifications made by KEYID.
 The key ID will be loaded from the keyserver.  A file may be loaded
@@ -160,6 +165,11 @@ raw authorized_keys file.  %h gets replaced with the user's homedir,
 .TP
 MONKEYSPHERE_PROMPT
 If set to `false', never prompt the user for confirmation. (true)
+.TP
+MONKEYSPHERE_STRICT_MODES
+If set to `false', ignore too-loose permissions on known_hosts,
+authorized_keys, and authorized_user_ids files.  NOTE: setting this to
+false may expose users to abuse by other users on the system. (true)
 
 .SH FILES