chiark / gitweb /
~mdw / become / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1554751)
Update Debianization stuff.
authormdw <mdw>
Sat, 17 Apr 2004 10:54:21 +0000 (10:54 +0000)
committermdw <mdw>
Sat, 17 Apr 2004 10:54:21 +0000 (10:54 +0000)
debian/changelog patch | blob | blame | history
debian/control patch | blob | blame | history
manual/become.texi patch | blob | blame | history

diff --git a/debian/changelog b/debian/changelog
index 17a520e5b3e8921361908c3b855ac6dc27be084f..24186640e1097c84ce65b82d9cd8e625f245b40c 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+become (1.4.1) experimental; urgency=low
+
+  * Support elliptic-curve DSA and larger hash functions.
+
+ -- Mark Wooding <mdw@nsict.org>  Sat, 17 Apr 2004 11:54:07 +0100
+
 become (1.4.0) experimental; urgency=low
 
   * Debianization!
 become (1.4.0) experimental; urgency=low
 
   * Debianization!
diff --git a/debian/control b/debian/control
index 405bf5d7c0b236c3ddd13d0997b30b7eaf32a186..98a0046fc61e724269bd8653b56340f0c178b6ec 100644 (file)
--- a/debian/control
+++ b/debian/control
@@ -2,7 +2,7 @@ Source: become
 Section: admin
 Priority: extra
 Maintainer: Mark Wooding <mdw@nsict.org>
 Section: admin
 Priority: extra
 Maintainer: Mark Wooding <mdw@nsict.org>
-Build-Depends: mlib (>= 2.0.2), catacomb (>= 2.0.1)
+Build-Depends: mlib (>= 2.0.2), catacomb (>= 2.1.0)
 Standards-Version: 3.1.1
 
 Package: become
 Standards-Version: 3.1.1
 
 Package: become
diff --git a/manual/become.texi b/manual/become.texi
index a08a128fdba0af6d3870820d4e08359e38a389dd..5944e9a7ca024efd9d738b610976b00d02a24af5 100644 (file)
--- a/manual/become.texi
+++ b/manual/become.texi
@@ -1,6 +1,6 @@
 \input texinfo @c -*-texinfo-*-
 @c
 \input texinfo @c -*-texinfo-*-
 @c
-@c $Id: become.texi,v 1.8 2004/04/08 01:36:20 mdw Exp $
+@c $Id: become.texi,v 1.9 2004/04/17 10:54:21 mdw Exp $
 @c
 @c Documentation for `become'
 @c
 @c
 @c Documentation for `become'
 @c
@@ -1507,7 +1507,7 @@ The key file can be generated using Catacomb's @code{key} program.  The
 commands
 
 @example
 commands
 
 @example
-key -k /etc/become/become.key add -adsa -e"now + 1 year" become-dsa 
+key -k /etc/become/become.key add -adsa -e"now + 1 year" become
 key -k /etc/become/become.key extract -f -secret /etc/become/become.pubkey
 @end example
 
 key -k /etc/become/become.key extract -f -secret /etc/become/become.pubkey
 @end example
 
@@ -1517,6 +1517,17 @@ install the public key on all of your client computers, writable only by
 root.  The private key should be only on the server, and readable or writable
 only by root.
 
 root.  The private key should be only on the server, and readable or writable
 only by root.
 
+You can also use elliptic-curve DSA.  The key-generation runes are more
+complicated in this case.  For example,
+
+@example
+key -k /etc/become/become.key add -aec -Cnist-p256 -e"now + 1 year" \
+    become sig=ecdsa hash=sha256
+@end example
+The @code{hash=sha256} is not required, but it's good to have a hash function
+as strong as your curve.  See the manpage for @code{key} for more details
+about generating elliptic curve keys, and for the kinds of curves supported.
+
 If you have multiple servers, they can all have different private keys.
 You'll need to put all of the public keys in the
 @file{/etc/become/become.pubkey} file. 
 If you have multiple servers, they can all have different private keys.
 You'll need to put all of the public keys in the
 @file{/etc/become/become.pubkey} file. 
Management for shared accounts