X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/fc916a0942e6ef8f63aefb96119d0e4fd7c7efbb..f274f202251c1794dda3bfd235849cf77d439350:/keys/tripe-keys.conf.5.in diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in index c6e0f257..3e5c777b 100644 --- a/keys/tripe-keys.conf.5.in +++ b/keys/tripe-keys.conf.5.in @@ -24,10 +24,10 @@ .\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. . .\"-------------------------------------------------------------------------- -.so ../defs.man.in \" @@@PRE@@@ +.so ../common/defs.man \" @@@PRE@@@ . .\"-------------------------------------------------------------------------- -.TH tripe-keys.conf 5 "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" +.TH tripe-keys.conf 5tripe "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" . .\"-------------------------------------------------------------------------- .SH "NAME" @@ -141,6 +141,7 @@ or .B ec (elliptic curves). The default is .BR dh . +.ne 7 .TP .I kx-param Options to pass to @@ -155,14 +156,14 @@ center; _ kx kx-param _ -dh \-LS \-b2048 \-B256 +dh \-LS \-b3072 \-B256 ec \-Cnist-p256 _ .TE .TP .I kx-expire Expiry time for generated keys. Default is -.BR "now + 1 day" . +.BR "now + 1 year" . .TP .I hash Hashing algorithm to use. Default is @@ -184,7 +185,7 @@ This is probably a good choice. .TP .I cipher Symmetric encryption scheme to use. Default is -.BR blowfish-cbc . +.BR rijndael-cbc . .TP .I sig Signature scheme to use. Must be one of those recognized by @@ -201,6 +202,7 @@ if .I kx is .BR ec . +.ne 10 .TP .I sig-genalg Key-generation algorithm for signing key. Default depends on @@ -221,6 +223,7 @@ ecdsa ec eckcdsa ec _ .TE +.ne 8 .TP .I sig-param Signature-key generation parameters. Default depends on @@ -233,9 +236,9 @@ center; _ sig-genalg sig-param _ -dh \-LS \-b2048 \-B256 -dsa \-b2048 \-B256 -rsa \-b2048 +dh \-LS \-b3072 \-B256 +dsa \-b3072 \-B256 +rsa \-b3072 ec \-Cnist-p256 _ .TE @@ -262,7 +265,9 @@ Hash function to use for key fingerprinting. Default is Local base directory for the repository files. This probably ought to end in a .RB ` / ' -character. No default. +character. Unexpected files in this directory will be removed by the +.B tripe-keys upload +command. No default. .TP .I repos-file Filename for local repository tarball. Default is the concatenation of @@ -271,7 +276,7 @@ and .IB repos-base . .TP .I sig-file -Tempalte for repository signatures. Default is the concatenation of +Template for repository signatures. Default is the concatenation of .I base-dir and .IR sig-base . @@ -279,6 +284,13 @@ and .I conf-file Filename for local repository configuration file. Default is .IB basedir /tripe-keys.conf \fR. +.TP +.I kx-warn-days +The +.B "tripe-keys check" +command will warn about keys which will in less than +.I kx-warn-days +days. Default is 28. . .\"-------------------------------------------------------------------------- .SH "SEE ALSO"