X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman8%2Fmonkeysphere-authentication.8;h=ea9debd33d99618ea785c9a1336e3c3545c6abb5;hb=24da4d0207c8d3c7586871dac3eea9d2a0b864c3;hp=572aa6a3e68e3bd679e370dc0026b1cb265dd651;hpb=6ef7064d32718cc3b93f1c240e5e88c48fa4cf66;p=monkeysphere.git diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8 index 572aa6a..ea9debd 100644 --- a/man/man8/monkeysphere-authentication.8 +++ b/man/man8/monkeysphere-authentication.8 @@ -1,4 +1,4 @@ -.TH MONKEYSPHERE-SERVER "8" "March 2009" "monkeysphere" "User Commands" +.TH MONKEYSPHERE-AUTHENTICATION "8" "January 2010" "monkeysphere" "System Commands" .SH NAME @@ -11,9 +11,9 @@ monkeysphere\-authentication - Monkeysphere authentication admin tool. .SH DESCRIPTION \fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust -(WoT) for OpenSSH authentication. OpenPGP keys are tracked via GnuPG, -and added to the authorized_keys and known_hosts files used by OpenSSH -for connection authentication. +(WoT) for key-based authentication. OpenPGP keys are tracked via +GnuPG, and added to the authorized_keys files used by OpenSSH for +connection authentication. \fBmonkeysphere\-authentication\fP is a Monkeysphere server admin utility for configuring and managing SSH user authentication through @@ -131,7 +131,7 @@ user authentication, the AuthorizedKeysFile parameter must be set in the sshd_config to point to the monkeysphere\-generated authorized_keys files: -AuthorizedKeysFile /var/lib/monkeysphere/authentication/authorized_keys/%u +AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u It is recommended to add "monkeysphere\-authentication update\-users" to a system crontab, so that user keys are kept up-to-date, and key @@ -177,6 +177,11 @@ false may expose users to abuse by other users on the system. (true) /etc/monkeysphere/monkeysphere\-authentication.conf System monkeysphere-authentication config file. .TP +/etc/monkeysphere/monkeysphere\-authentication\-x509\-anchors.crt +If monkeysphere-authentication is configured to query an hkps +keyserver, it will use X.509 Certificate Authority certificates in +this file to validate any X.509 certificates used by the keyserver. +.TP /var/lib/monkeysphere/authorized_keys/USER Monkeysphere-generated user authorized_keys files. .TP @@ -189,7 +194,7 @@ added to the given user's authorized_keys file. .SH AUTHOR This man page was written by: -Jameson Rollins , +Jameson Rollins , Daniel Kahn Gillmor , Matthew Goins