sign.conf man page
sign.conf - sign and signd configuration file

Synopsis

/etc/sign.conf

Description

This file holds the configuration both for the sign program and the signd daemon. Each line in the file has the format "key: value [value...]". Empty lines or lines starting with "#" are ignored.

The following keys are recognized:

Forward all unknown requests to the specified server.

Use the specified port number instead of the default port "5167". Also sets the proxyport.

Listen on the specified port number for incoming requests.

Set a default user to use for signing.

Set a default hash to use for signing. The default hash is SHA1.

Allow only connections from the specified ip addresses, subnets expressed in CIDR notation, and/or hostnames. Note that hostnames are resolved using reverse DNS lookups, so there must be reverse entries in the DNS server, and it should be secured against DNS poisoning attacks. Must be present.

Select the gpg program to use instead of "/usr/bin/gpg".

Set the directory containing gpg phrases for every user. A phrase file is fed into gpg with the "--passphrase-fd=0" option.

Modify the signuser. This can be used to map hashes and users to unambiguous key ids.

Grant the user the right to sign. The sign binary must be installed suid-root for this to work. Multiple users can be specified by using multiple allowuser lines in the configuration.

Allow signd to accept connections from source ports > 1024. Defaults to false.

Files

/etc/sign.conf
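The settings described above that affect who may reach signd and how signatures are hashed can be reviewed mechanically. The following Python code is an added example, not part of the sign/signd project: it parses the "key: value [value...]" format and reports hostname entries in the allow list, an unset hash (SHA1 default) and acceptance of unprivileged source ports. The key names allow, hash and allow-unprivileged-ports are assumed from the upstream sign.conf documentation because they do not appear in this text, and the sample configuration is constructed.

```python
import ipaddress

# Constructed sample configuration, not taken from a real host.
SAMPLE = """\
# signd settings
allow: 192.0.2.0/24 build1.example.org

allow-unprivileged-ports: true
allowuser: obsrun
allowuser: 399
"""

def parse(text):
    """Parse 'key: value [value...]' lines; blank and '#' lines are ignored."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, rest = line.partition(":")
        if not sep:
            raise ValueError(f"not 'key: value': {raw!r}")
        # Keys such as allowuser may repeat, so values accumulate per key.
        conf.setdefault(key.strip(), []).extend(rest.split())
    return conf

def is_hostname(entry):
    """True when an allow entry is neither an IP address nor a CIDR subnet."""
    try:
        ipaddress.ip_network(entry, strict=False)
        return False
    except ValueError:
        return True

def audit(conf):
    """Return findings for the settings the man page calls out (assumed key names)."""
    findings = []
    allow = conf.get("allow", [])
    if not allow:
        findings.append("allow: missing, but the man page says it must be present")
    for entry in allow:
        if is_hostname(entry):
            findings.append(f"allow: {entry} is matched via reverse DNS")
    if "hash" not in conf:
        findings.append("hash: not set, so signing defaults to SHA1")
    if conf.get("allow-unprivileged-ports", ["false"])[-1].lower() == "true":
        findings.append("allow-unprivileged-ports: source ports > 1024 accepted")
    return findings
```

Calling audit(parse(SAMPLE)) yields three findings for the constructed sample; a file that sets a hash, lists only addresses or subnets and leaves unprivileged ports off yields none.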