Provided by: mandos_1.7.1-2build1_all bug


       mandos - Gives encrypted passwords to authenticated Mandos clients


       mandos [--interface NAME | -i NAME]
              [--address ADDRESS | -a ADDRESS]
              [--port PORT | -p PORT]
              [--priority PRIORITY]
              [--servicename NAME]
              [--configdir DIRECTORY]
              [--debuglevel LEVEL]
              [--statedir DIRECTORY]
              [--socket FD]

       mandos {--help | -h}

       mandos --version

       mandos --check


       mandos is a server daemon which handles incoming request for passwords
       for a pre-defined list of client host computers. For an introduction,
       see intro(8mandos). The Mandos server uses Zeroconf to announce itself
       on the local network, and uses TLS to communicate securely with and to
       authenticate the clients. The Mandos server uses IPv6 to allow Mandos
       clients to use IPv6 link-local addresses, since the clients will
       probably not have any other addresses configured (see the section
       called “OVERVIEW”). Any authenticated client is then given the stored
       pre-encrypted password for that specific client.


       The purpose of this is to enable remote and unattended rebooting of
       client host computer with an encrypted root file system. See the
       section called “OVERVIEW” for details.


       --help, -h
           Show a help message and exit

       --interface NAME, -i NAME
           If this is specified, the server will only announce the service and
           listen to requests on the specified network interface. Default is
           to use all available interfaces.  Note: a failure to bind to the
           specified interface is not considered critical, and the server will
           not exit, but instead continue normally.

       --address ADDRESS, -a ADDRESS
           If this option is used, the server will only listen to the
           specified IPv6 address. If a link-local address is specified, an
           interface should be set, since a link-local address is only valid
           on a single interface. By default, the server will listen to all
           available addresses. If set, this must normally be an IPv6 address;
           an IPv4 address can only be specified using IPv4-mapped IPv6
           address syntax: “::FFFF:”. (Only if IPv6 usage is disabled
           (see below) must this be an IPv4 address.)

       --port PORT, -p PORT
           If this option is used, the server will bind to that port. By
           default, the server will listen to an arbitrary port given by the
           operating system.

           Run the server’s self-tests. This includes any unit tests, etc.

           If the server is run in debug mode, it will run in the foreground
           and print a lot of debugging information. The default is to not run
           in debug mode.

       --debuglevel LEVEL
           Set the debugging log level.  LEVEL is a string, one of “CRITICAL”,
           “ERROR”, “WARNING”, “INFO”, or “DEBUG”, in order of increasing
           verbosity. The default level is “WARNING”.

       --priority  PRIORITY
           GnuTLS priority string for the TLS handshake. The default is
           “SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA :+SIGN-DSA-SHA256”. See
           gnutls_priority_init(3) for the syntax.  Warning: changing this may
           make the TLS handshake fail, making server-client communication
           impossible. Changing this option may also make the network traffic
           decryptable by an attacker.

       --servicename NAME
           Zeroconf service name. The default is “Mandos”. This only needs to
           be changed if for some reason is would be necessary to run more
           than one server on the same host. This would not normally be
           useful. If there are name collisions on the same network, the newer
           server will automatically rename itself to “Mandos #2”, and so on;
           therefore, this option is not needed in that case.

       --configdir DIRECTORY
           Directory to search for configuration files. Default is
           “/etc/mandos”. See mandos.conf(5) and mandos-clients.conf(5).

           Prints the program version and exit.

           This option controls whether the server will provide a D-Bus system
           bus interface. The default is to provide such an interface.

           See also the section called “D-BUS INTERFACE”.

           This option controls whether the server will use IPv6 sockets and
           addresses. The default is to use IPv6. This option should never
           normally be turned off, even in IPv4-only environments. This is
           because mandos-client(8mandos) will normally use IPv6 link-local
           addresses, and will not be able to find or connect to the server if
           this option is turned off.  Only advanced users should consider
           changing this option.

           This option controls whether the server will restore its state from
           the last time it ran. Default is to restore last state.

           See also the section called “PERSISTENT STATE”.

       --statedir DIRECTORY
           Directory to save (and restore) state in. Default is

       --socket FD
           If this option is used, the server will not create a new network
           socket, but will instead use the supplied file descriptor. By
           default, the server will create a new network socket.

           This option will make the server run in the foreground and not
           write a PID file. The default is to not run in the foreground,
           except in debug mode, which implies this option.

           This option controls whether the server will announce its existence
           using Zeroconf. Default is to use Zeroconf. If Zeroconf is not
           used, a port number or a socket is required.


       This is part of the Mandos system for allowing computers to have
       encrypted root file systems and at the same time be capable of remote
       and/or unattended reboots. The computers run a small client program in
       the initial RAM disk environment which will communicate with a server
       over a network. All network communication is encrypted using TLS. The
       clients are identified by the server using an OpenPGP key; each client
       has one unique to it. The server sends the clients an encrypted
       password. The encrypted password is decrypted by the clients using the
       same OpenPGP key, and the password is then used to unlock the root file
       system, whereupon the computers can continue booting normally.

       This program is the server part. It is a normal server program and will
       run in a normal system environment, not in an initial RAM disk


       The Mandos server announces itself as a Zeroconf service of type
       “_mandos._tcp”. The Mandos client connects to the announced address and
       port, and sends a line of text where the first whitespace-separated
       field is the protocol version, which currently is “1”. The client and
       server then start a TLS protocol handshake with a slight quirk: the
       Mandos server program acts as a TLS “client” while the connecting
       Mandos client acts as a TLS “server”. The Mandos client must supply an
       OpenPGP certificate, and the fingerprint of this certificate is used by
       the Mandos server to look up (in a list read from clients.conf at start
       time) which binary blob to give the client. No other authentication or
       authorization is done by the server.

       Table 1. Mandos Protocol (Version 1)
       │Mandos ClientDirectionMandos Server       │
       │Connect            │ ->        │                     │
       │“1\r\n”            │ ->        │                     │
       │TLS handshake as   │ <->       │ TLS handshake as    │
       │TLS server       │           │ TLS client        │
       │OpenPGP public key │ ->        │                     │
       │(part of TLS       │           │                     │
       │handshake)         │           │                     │
       │                   │ <-        │ Binary blob (client │
       │                   │           │ will assume OpenPGP │
       │                   │           │ data)               │
       │                   │ <-        │ Close               │


       The server will, by default, continually check that the clients are
       still up. If a client has not been confirmed as being up for some time,
       the client is assumed to be compromised and is no longer eligible to
       receive the encrypted password. (Manual intervention is required to
       re-enable a client.) The timeout, extended timeout, checker program,
       and interval between checks can be configured both globally and per
       client; see mandos-clients.conf(5).


       The server can be configured to require manual approval for a client
       before it is sent its secret. The delay to wait for such approval and
       the default action (approve or deny) can be configured both globally
       and per client; see mandos-clients.conf(5). By default all clients will
       be approved immediately without delay.

       This can be used to deny a client its secret if not manually approved
       within a specified time. It can also be used to make the server delay
       before giving a client its secret, allowing optional manual denying of
       this specific client.


       The server will send log message with various severity levels to
       /dev/log. With the --debug option, it will log even more messages, and
       also show them on the console.


       Client settings, initially read from clients.conf, are persistent
       across restarts, and run-time changes will override settings in
       clients.conf. However, if a setting is changed (or a client added, or
       removed) in clients.conf, this will take precedence.


       The server will by default provide a D-Bus system bus interface. This
       interface will only be accessible by the root user or a Mandos-specific
       user, if such a user exists. For documentation of the D-Bus API, see
       the file DBUS-API.


       The server will exit with a non-zero exit status only when a critical
       error is encountered.


           To start the configured checker (see the section called
           “CHECKING”), the server uses /bin/sh, which in turn uses PATH to
           search for matching commands if an absolute path is not given. See


       Use the --configdir option to change where mandos looks for its
       configurations files. The default file names are listed here.

           Server-global settings. See mandos.conf(5) for details.

           List of clients and client-specific settings. See mandos-
           clients.conf(5) for details.

           The file containing the process id of the mandos process started
           last.  Note: If the /run directory does not exist,
           /var/run/ will be used instead.


           Directory where persistent state will be saved. Change this with
           the --statedir option. See also the --no-restore option.

           The Unix domain socket to where local syslog messages are sent.

           This is used to start the configured checker command for each
           client. See mandos-clients.conf(5) for details.


       This server might, on especially fatal errors, emit a Python backtrace.
       This could be considered a feature.

       There is no fine-grained control over logging and debug output.

       This server does not check the expire time of clients’ OpenPGP keys.


       Normal invocation needs no options:


       Run the server in debug mode, read configuration files from the
       ~/mandos directory, and use the Zeroconf service name “Test” to not
       collide with any other official Mandos server on this host:

       mandos --debug --configdir ~/mandos --servicename Test

       Run the server normally, but only listen to one interface and only on
       the link-local address on that interface:

       mandos --interface eth7 --address fe80::aede:48ff:fe71:f6f2


       Running this mandos server program should not in itself present any
       security risk to the host computer running it. The program switches to
       a non-root user soon after startup.

       The server only gives out its stored data to clients which does have
       the OpenPGP key of the stored fingerprint. This is guaranteed by the
       fact that the client sends its OpenPGP public key in the TLS handshake;
       this ensures it to be genuine. The server computes the fingerprint of
       the key itself and looks up the fingerprint in its list of clients. The
       clients.conf file (see mandos-clients.conf(5)) must be made
       non-readable by anyone except the user starting the server (usually

       As detailed in the section called “CHECKING”, the status of all client
       computers will continually be checked and be assumed compromised if
       they are gone for too long.

       For more details on client-side security, see mandos-client(8mandos).


       intro(8mandos), mandos-clients.conf(5), mandos.conf(5), mandos-
       client(8mandos), sh(1)

           Zeroconf is the network protocol standard used by clients for
           finding this Mandos server on the local network.

           Avahi is the library this server calls to implement Zeroconf
           service announcements.

           GnuTLS is the library this server uses to implement TLS for
           communicating securely with the client, and at the same time
           confidently get the client’s public OpenPGP key.

       RFC 4291: IP Version 6 Addressing Architecture

           Section 2.2: Text Representation of Addresses

           Section IPv4-Mapped IPv6 Address

           Section 2.5.6, Link-Local IPv6 Unicast Addresses
               The clients use IPv6 link-local addresses, which are
               immediately usable since a link-local addresses is
               automatically assigned to a network interfaces when it is
               brought up.

       RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2
           TLS 1.2 is the protocol implemented by GnuTLS.

       RFC 4880: OpenPGP Message Format
           The data sent to clients is binary encrypted OpenPGP data.

       RFC 6091: Using OpenPGP Keys for Transport Layer Security (TLS)
           This is implemented by GnuTLS and used by this server so that
           OpenPGP keys can be used.


       Copyright © 2008-2015 Teddy Hogeborn, Björn Påhlsson

       This manual page is free software: you can redistribute it and/or
       modify it under the terms of the GNU General Public License as
       published by the Free Software Foundation, either version 3 of the
       License, or (at your option) any later version.

       This manual page is distributed in the hope that it will be useful, but
       WITHOUT ANY WARRANTY; without even the implied warranty of
       General Public License for more details.

       You should have received a copy of the GNU General Public License along
       with this program. If not, see


        1. Zeroconf

        2. Avahi

        3. GnuTLS