X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman8%2Fmonkeysphere-host.8;h=0a9fc1b5f2d2b5ad7b8ce6bf996346e779de57f8;hb=35559940b9ccab1df260da9da30dff5991a1778e;hp=062f0aadb68aa8e76cf56b736888c63a2538aad1;hpb=e93a298ec6f9abd80e30a933b0dd84c764d11bff;p=monkeysphere.git diff --git a/man/man8/monkeysphere-host.8 b/man/man8/monkeysphere-host.8 index 062f0aa..0a9fc1b 100644 --- a/man/man8/monkeysphere-host.8 +++ b/man/man8/monkeysphere-host.8 @@ -23,15 +23,24 @@ connection authentication. \fBmonkeysphere-host\fP takes various subcommands: .TP +.B import-key FILE [NAME[:PORT]] +Import a pem-encoded ssh secret host key from file FILE. If FILE +is '-', then the key will be imported from stdin. NAME[:PORT] is used +to specify the hostname (and port) used in the user ID of the new +OpenPGP key. If NAME is not specified, then the system +fully-qualified domain name will be used (ie. `hostname -f'). If PORT +is not specified, the no port is added to the user ID, which means +port 22 is assumed. `i' may be used in place of `import-key'. +.TP .B show-key Output information about host's OpenPGP and SSH keys. `s' may be used in place of `show-key'. .TP -.B extend-key EXPIRE +.B extend-key [EXPIRE] Extend the validity of the OpenPGP key for the host until EXPIRE from the present. If EXPIRE is not specified, then the user will be -prompted for the extension term. Expiration is specified like GnuPG -does: +prompted for the extension term. Expiration is specified as with +GnuPG: .nf 0 = key does not expire = key expires in n days @@ -49,25 +58,35 @@ place of `add-hostname'. Revoke a hostname user ID from the server host key. `n-' may be used in place of `revoke-hostname'. .TP -.B add-revoker FINGERPRINT -Add a revoker to the host's OpenPGP key. `o' may be be used in place +.B add-revoker KEYID|FILE +Add a revoker to the host's OpenPGP key. The key ID will be loaded +from the keyserver. A file may be loaded instead of pulling the key +from the keyserver by specifying the path to the file as the argument, +or by specifying `-` to load from stdin. `r+' may be be used in place of `add-revoker'. .TP .B revoke-key -Revoke the host's OpenPGP key. `r' may be used in place of -`revoke-key'. +Generate (with the option to publish) a revocation certificate for the +host's OpenPGP key. If such a certificate is published, your host key +will be permanently revoked. This subcommand will ask you a series of +questions, and then generate a key revocation certificate, sending it +to stdout. If you explicitly tell it to publish the revocation +certificate immediately, it will send it to the public keyservers. +USE WITH CAUTION! .TP .B publish-key Publish the host's OpenPGP key to the keyserver. `p' may be used in place of `publish-key'. .TP -.B import-key [NAME[:PORT]] -Import a pem-encoded ssh secret host key, from stdin. NAME[:PORT] is -used to specify the hostname (and port) used in the user ID of the new -OpenPGP key. If NAME is not specified, then the system -fully-qualified domain name will be used (ie. `hostname -f'). If PORT -is not specified, the no port is added to the user ID, which means -port 22 is assumed. `i' may be used in place of `import-key'. +.B help +Output a brief usage summary. `h' or `?' may be used in place of +`help'. +.TP +.B version +show version number + + +Other commands: .TP .B diagnostics Review the state of the monkeysphere server host key and report on @@ -75,13 +94,6 @@ suggested changes. Among other checks, this includes making sure there is a valid host key, that the key is published, that the sshd configuration points to the right place, etc. `d' may be used in place of `diagnostics'. -.TP -.B help -Output a brief usage summary. `h' or `?' may be used in place of -`help'. -.TP -.B version -show version number .SH SETUP HOST AUTHENTICATION @@ -110,6 +122,10 @@ increasing order of verbosity. .TP MONKEYSPHERE_KEYSERVER OpenPGP keyserver to use (pool.sks-keyservers.net). +.TP +MONKEYSPHERE_PROMPT +If set to `false', never prompt the user for confirmation. (true) + .SH FILES