sign.conf man page

sign.conf — sign and signd configuration file




This file holds the configuration both for the sign program and the signd daemon. Each line in the file has the format "key: value [value...]". Empty lines or lines starting with "#" are ignored.

The following keys are recognized:

server: hostname
Forward all unknown requests to the specified server.
port: port
Use the specified port number instead of the default port "5167". Also sets the proxyport.
proxyport: port
Listen on the specified port number for incoming requests.
user: user
Set a default user to use for signing.
hash: hash
Set a default hash to use for signing. The default hash is SHA1.
allow: ip1 ip2 ip3...
Allow only connections from the specified ip addresses. Must be present.
gpg: path_to_gpg
Select the gpg program to use instead of "/usr/bin/gpg".
phrases: phrases_directory
Set the directory containing gpg phrases for every user. A phrase file is fed into gpg with the "--passphrase-fd=0" option.
map: [hash:]from_signuser to_signuser
Modify the signuser. This can be used to map hashes and users to unambiguous key ids.
allowuser: username|uid
Grant the user the right to sign. the sign binary must be installed suid-root for this to work. Multiple users can be specified by using multiple allowuser lines in the configuration.



See Also

sign(8), signd(8)

Referenced By

sign(8), signd(8).

Apr 2007