From 42424656e873ad0da564131dbffb4b82ed3347c9 Mon Sep 17 00:00:00 2001 From: Rene Mayrhofer Date: Sat, 3 Jun 2006 23:37:13 +0000 Subject: Remove these files from the repository, because they get created during the build (and removed by make clean). --- doc/manpage.d/ipsec_showhostkey.8.html | 269 --------------------------------- 1 file changed, 269 deletions(-) delete mode 100644 doc/manpage.d/ipsec_showhostkey.8.html (limited to 'doc/manpage.d/ipsec_showhostkey.8.html') diff --git a/doc/manpage.d/ipsec_showhostkey.8.html b/doc/manpage.d/ipsec_showhostkey.8.html deleted file mode 100644 index 90a16d5ee..000000000 --- a/doc/manpage.d/ipsec_showhostkey.8.html +++ /dev/null @@ -1,269 +0,0 @@ -Content-type: text/html - -Manpage of IPSEC_SHOWHOSTKEY - -

IPSEC_SHOWHOSTKEY

-Section: Maintenance Commands (8)
Updated: 5 March 2002
Index -Return to Main Contents
- - -  -

NAME

- -ipsec showhostkey - show host's authentication key -  -

SYNOPSIS

- -ipsec - -showhostkey - -[ ---key - -] [ ---left - -] [ ---right - -] [ ---txt - -gateway -] [ ---dhclient - -] [ ---file - -secretfile -] [ ---id - -identity -] -  -

DESCRIPTION

- -Showhostkey - -outputs (on standard output) a public key suitable for this host, -in the format specified, -using the host key information stored in -/etc/ipsec.secrets. - -In general only the super-user can run this command, -since only he can read -ipsec.secrets. - -

- -The ---txt - -option causes the output to be in opportunistic-encryption DNS TXT record -format, -with the specified -gateway - -value. -If information about how the key was generated is available, -that is provided as a DNS-file comment. -For example, ---txt 10.11.12.13 - -might give (with the key data trimmed for clarity): -

- -

-  ; RSA 2048 bits   xy.example.com   Sat Apr 15 13:53:22 2000
-      IN TXT  "X-IPsec-Server(10)=10.11.12.13 AQOF8tZ2...+buFuFn/"
-
- -

- -No name is supplied in the TXT record -because there are too many possibilities, -depending on how it will be used. -If the text string is longer than 255 bytes, -it is split up into multiple strings (matching the restrictions of -the DNS TXT binary format). -If any split is needed, the first split will be at the start of the key: -this increases the chances that later hand editing will work. -

- -The ---left - -and ---right - -options cause the output to be in -ipsec.conf(5) - -format, as a -leftrsasigkey - -or -rightrsasigkey - -parameter respectively. -Again, generation information is included if available. -For example, ---left - -might give (with the key data trimmed down for clarity): -

- -

-  # RSA 2048 bits   xy.example.com   Sat Apr 15 13:53:22 2000
-  leftrsasigkey=0sAQOF8tZ2...+buFuFn/
-
- -

- -The ---dhclient - -option cause the output to be suitable for inclusion in -dhclient.conf(5) - -as part of configuring WAVEsec. -See <http://www.wavesec.org>. -

- -If ---key - -is specified, -the output format is the text form of a DNS KEY record; -the host name is the one included in the key information -(or, if that is not available, -the output of -hostname --fqdn), - -with a -. - -appended. -Again, generation information is included if available. -For example (with the key data trimmed down for clarity): -

- -

-  ; RSA 2048 bits   xy.example.com   Sat Apr 15 13:53:22 2000
-  xy.example.com.   IN   KEY   0x4200 4 1 AQOF8tZ2...+buFuFn/
-
- -

- -Normally, the default key for this host -(the one with no host identities specified for it) is the one extracted. -The ---id - -option overrides this, -causing extraction of the key labeled with the specified -identity, - -if any. -The specified -identity - -must -exactly - -match the identity in the file; -in particular, the comparison is case-sensitive. -

- -The ---file - -option overrides the default for where the key information should be -found, and takes it from the specified -secretfile. - -  -

DIAGNOSTICS

- -A complaint about ``no pubkey line found'' indicates that the -host has a key but it was generated with an old version of FreeS/WAN -and does not contain the information that -showhostkey - -needs. -  -

FILES

- -/etc/ipsec.secrets -  -

SEE ALSO

- -ipsec.secrets(5), ipsec.conf(5), ipsec_rsasigkey(8) -  -

HISTORY

- -Written for the Linux FreeS/WAN project -<http://www.freeswan.org> -by Henry Spencer. -  -

BUGS

- -Arguably, -rather than just reporting the no-IN-KEY-line-found problem, -showhostkey - -should be smart enough to run the existing key through -rsasigkey - -with the ---oldkey - -option, to generate a suitable output line. -

- -The need to specify the gateway address (etc.) for ---txt - -is annoying, but there is no good way to determine it automatically. -

- -There should be a way to specify the priority value for TXT records; -currently it is hardwired to -10. - -

- -The ---id - -option assumes that the -identity - -appears on the same line as the -: RSA { - -that begins the key proper. -

- -


- 

Index

-
-
NAME
-
SYNOPSIS
-
DESCRIPTION
-
DIAGNOSTICS
-
FILES
-
SEE ALSO
-
HISTORY
-
BUGS
-
-
-This document was created by -man2html, -using the manual pages.
-Time: 21:40:18 GMT, November 11, 2003 - - -- cgit v1.2.3