| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | .\" $NetBSD: netpgpkeys.1,v 1.8 2010/04/14 08:14:26 wiz Exp $ | | 1 | .\" $NetBSD: netpgpkeys.1,v 1.9 2010/05/07 05:55:46 agc Exp $ |
2 | .\" | | 2 | .\" |
3 | .\" Copyright (c) 2009, 2010 The NetBSD Foundation, Inc. | | 3 | .\" Copyright (c) 2009, 2010 The NetBSD Foundation, Inc. |
4 | .\" All rights reserved. | | 4 | .\" All rights reserved. |
5 | .\" | | 5 | .\" |
6 | .\" This manual page is derived from software contributed to | | 6 | .\" This manual page is derived from software contributed to |
7 | .\" The NetBSD Foundation by Alistair Crooks (agc@NetBSD.org). | | 7 | .\" The NetBSD Foundation by Alistair Crooks (agc@NetBSD.org). |
8 | .\" | | 8 | .\" |
9 | .\" Redistribution and use in source and binary forms, with or without | | 9 | .\" Redistribution and use in source and binary forms, with or without |
10 | .\" modification, are permitted provided that the following conditions | | 10 | .\" modification, are permitted provided that the following conditions |
11 | .\" are met: | | 11 | .\" are met: |
12 | .\" 1. Redistributions of source code must retain the above copyright | | 12 | .\" 1. Redistributions of source code must retain the above copyright |
13 | .\" notice, this list of conditions and the following disclaimer. | | 13 | .\" notice, this list of conditions and the following disclaimer. |
14 | .\" 2. Redistributions in binary form must reproduce the above copyright | | 14 | .\" 2. Redistributions in binary form must reproduce the above copyright |
| @@ -251,26 +251,36 @@ for the private and public host keys. | | | @@ -251,26 +251,36 @@ for the private and public host keys. |
251 | in normal processing, | | 251 | in normal processing, |
252 | if an error occurs, the contents of memory are saved to disk, and can | | 252 | if an error occurs, the contents of memory are saved to disk, and can |
253 | be read using tools to analyse behaviour. | | 253 | be read using tools to analyse behaviour. |
254 | Unfortunately this can disclose information to people viewing | | 254 | Unfortunately this can disclose information to people viewing |
255 | the core dump, such as secret keys, and passphrases protecting | | 255 | the core dump, such as secret keys, and passphrases protecting |
256 | those keys. | | 256 | those keys. |
257 | In normal operation, | | 257 | In normal operation, |
258 | .Nm | | 258 | .Nm |
259 | will turn off the ability to save core dumps on persistent storage, | | 259 | will turn off the ability to save core dumps on persistent storage, |
260 | but selecting this option will allow core dumps to be written to disk. | | 260 | but selecting this option will allow core dumps to be written to disk. |
261 | This option should be used wisely, and any core dumps should | | 261 | This option should be used wisely, and any core dumps should |
262 | be deleted in a secure manner when no longer needed. | | 262 | be deleted in a secure manner when no longer needed. |
263 | .El | | 263 | .El |
| | | 264 | .Pp |
| | | 265 | It is often useful to be able to refer to another user's identity by |
| | | 266 | using their |
| | | 267 | .Nm |
| | | 268 | .Dq fingerprint . |
| | | 269 | This can be found in the output from normal |
| | | 270 | .Fl Fl list-keys |
| | | 271 | and |
| | | 272 | .Fl Fl list-sigs |
| | | 273 | commands. |
264 | .Sh PASS PHRASES | | 274 | .Sh PASS PHRASES |
265 | The pass phrase cannot be changed by | | 275 | The pass phrase cannot be changed by |
266 | .Nm | | 276 | .Nm |
267 | once it has been chosen, and will | | 277 | once it has been chosen, and will |
268 | be used for the life of the key, so a wise choice is advised. | | 278 | be used for the life of the key, so a wise choice is advised. |
269 | The pass phrase should not be an easily guessable word or phrase, | | 279 | The pass phrase should not be an easily guessable word or phrase, |
270 | or related to information that can be gained through | | 280 | or related to information that can be gained through |
271 | .Dq social engineering | | 281 | .Dq social engineering |
272 | using search engines, or other public information retrieval methods. | | 282 | using search engines, or other public information retrieval methods. |
273 | .Pp | | 283 | .Pp |
274 | .Xr getpass 3 | | 284 | .Xr getpass 3 |
275 | will be used to obtain the pass phrase from the user if it is | | 285 | will be used to obtain the pass phrase from the user if it is |
276 | needed, | | 286 | needed, |