From: Jameson Graef Rollins Date: Thu, 10 Jul 2008 23:08:25 +0000 (-0400) Subject: update proxycommand man page. X-Git-Tag: monkeysphere_0.4-1~9 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c9260d86968ed2a0ba302ce2a3f9fc6e94f6d39a;p=monkeysphere.git update proxycommand man page. --- diff --git a/man/man1/monkeysphere-ssh-proxycommand.1 b/man/man1/monkeysphere-ssh-proxycommand.1 index c4196f2..0e6d18d 100644 --- a/man/man1/monkeysphere-ssh-proxycommand.1 +++ b/man/man1/monkeysphere-ssh-proxycommand.1 @@ -32,15 +32,24 @@ The proxy command has a fairly nuanced policy for when keyservers are queried when processing host. If the host userID is not found in either the user's keyring or in the known_hosts file, then the keyserver is queried for the host userID. If the host userID is found -in the user's keyring, then the keyserver is not checked. This is -because... If the host userID is not found in the user's keyring, but -the host is listed in the known_hosts file, then defered check is -scheduled. +in the user's keyring, then the keyserver is not checked. This +assumes that the keyring is kept up-to-date, in a cron job or the +like, so that revokations are properly handled. If the host userID is +not found in the user's keyring, but the host is listed in the +known_hosts file, then the keyserver is not checked. This last policy +might change in the future, possibly by adding a defered check, so +that hosts that go from non-monkeysphere-enabled to +monkeysphere-enabled will be properly checked. .SH ENVIRONMENT VARIABLES +All environment variables defined in monkeysphere(1) can also be used +for the proxycommand, with one note: + .TP -KEYSERVER The keyserver to query. +MONKEYSPHERE_CHECK_KEYSERVER +Setting this variable (to `true' or `false') will override the policy +defined in KEYSERVER CHECKING above. .SH AUTHOR