X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=man%2Fman8%2Fmonkeysphere-server.8;h=f808eff2a84fe5f12eb1b940847f88b287695e58;hb=438d1fa8881a1f8359b5e91932bf42addefbffca;hp=3073adc698ca28a69432afcd3e1484acadae3bbf;hpb=f659da8ba2e184a9eb60da2d65c1e81c33f06772;p=monkeysphere.git diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8 index 3073adc..f808eff 100644 --- a/man/man8/monkeysphere-server.8 +++ b/man/man8/monkeysphere-server.8 @@ -28,8 +28,8 @@ file are processed, and the user's authorized_keys file in /var/cache/monkeysphere/authorized_keys/USER. See `man monkeysphere' for more info. If the USER_CONTROLLED_AUTHORIZED_KEYS variable is set, then a user-controlled authorized_keys file (usually -~USER/.ssh/authorized_keys) is added to the authorized_keys file. `k' -may be used in place of `update-known_hosts'. +~USER/.ssh/authorized_keys) is added to the authorized_keys file. `u' +may be used in place of `update-users. .TP .B gen-key Generate a gpg key for the host. `g' may be used in place of 
@@ -43,14 +43,35 @@ Show the fingerprint for the host's OpenPGP key. `f' may be used in place of Publish the host's gpg key to the keyserver. `p' may be used in place of `publish-key'. .TP -.B trust-keys KEYID... -Mark key specified with key IDs with full owner trust. `t' may be used -in place of `trust-keys'. +.B trust-key KEYID [LEVEL] +Set owner trust for key. If LEVEL is not specified, then the program +will prompt for an owner trust level to set for KEYID. This function +lsigns the key as well so that it will have a known validity. `t' may +be used in place of `trust-key'. .TP .B help Output a brief usage summary. `h' or `?' may be used in place of `help'. +.SH SETUP + +In order to start using the monkeysphere, there are a couple of things +you need to do first. The first is to generate an OpenPGP key for the +server and convert that key to an ssh key that can be used by ssh for +host authentication. To do this, run the "gen-key" subcommand. Once +that is done, publish the key to a keyserver with "publish-key" +subcommand. Finally, you need to modify the sshd_config to tell sshd +where the new server host key: + +HostKey /etc/monkeysphere/ssh_host_rsa_key + +If the server will also handle user authentication through +monkeysphere-generated authorized_keys files, set the following: + +AuthorizedKeysFile /var/cache/monkeysphere/authorized_keys/%u + +Once those changes are made, restart the ssh server. + .SH FILES .TP @@ -63,6 +84,9 @@ System-wide monkeysphere config file. /etc/monkeysphere/gnupg Monkeysphere GNUPG home directory. .TP +/etc/monkeysphere/ssh_host_rsa_key +Copy of the host's private key in ssh format, suitable for use by sshd. +.TP /etc/monkeysphere/authorized_user_ids/USER Server maintained authorized_user_ids files for users. .TP
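Review bot: in the first hunk (@@ -28,8 +28,8 @@), the added line "may be used in place of `update-users." opens the quote with a backtick but never closes it, whereas the removed line had `update-known_hosts' with its closing apostrophe. Change it to `update-users' so it matches the quoting of `publish-key' and `help' further down the page.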
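Review bot: in the second hunk (@@ -43,14 +43,35 @@), the new SETUP section tells the admin to set "AuthorizedKeysFile /var/cache/monkeysphere/authorized_keys/%u" and restart sshd, but never says those per-user files have to be generated first. The update-users text in the first hunk is what refers to /var/cache/monkeysphere/authorized_keys/USER, so add a step to run update-users before the restart; otherwise sshd is pointed at files that do not exist yet and public key logins fail. It is also worth saying here that ~USER/.ssh/authorized_keys is only included when USER_CONTROLLED_AUTHORIZED_KEYS is set. Two smaller points in the same hunk: the sentence "tell sshd where the new server host key:" is missing its verb (for example "where to find the new server host key:"), and the trust-key entry introduces LEVEL without listing the accepted values and uses "lsigns" without explaining that it means a local signature.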
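Review bot: in the third hunk (@@ -63,6 +84,9 @@), the new FILES entry for /etc/monkeysphere/ssh_host_rsa_key describes a private key but gives no expected owner or mode. Please state that the file must be readable only by root, since sshd will not load a host key file that is group- or world-accessible, and a readable copy would let any local user impersonate the host. Because the entry calls it a "Copy", it would also help to name the subcommand that writes it (the SETUP text in the previous hunk implies gen-key), so admins know it has to be regenerated when the OpenPGP host key changes.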