diff options
Diffstat (limited to 'lacme-accountd.1.md')
-rw-r--r-- | lacme-accountd.1.md | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/lacme-accountd.1.md b/lacme-accountd.1.md index 403c68c..215adf6 100644 --- a/lacme-accountd.1.md +++ b/lacme-accountd.1.md @@ -16,9 +16,9 @@ Synopsis Description =========== -`lacme-accountd` is the account key manager component of [`lacme`(1)], a +`lacme-accountd` is the account key manager component of [`lacme`(8)], a small [ACME] client written with process isolation and minimal -privileges in mind. No other [`lacme`(1)] component needs access to the +privileges in mind. No other [`lacme`(8)] component needs access to the account key; in fact the account key could as well be stored on another host or a smartcard. @@ -26,12 +26,12 @@ host or a smartcard. `--socket=`), which [ACME] clients can connect to in order to request data signatures. As a consequence, `lacme-accountd` needs to be up and running before -using [`lacme`(1)] to issue [ACME] commands. Also, the process does not +using [`lacme`(8)] to issue [ACME] commands. Also, the process does not automatically terminate after the last signature request: instead, one sends an `INT` or `TERM` [`signal`(7)] to bring the server down. Furthermore, one can use the UNIX-domain socket forwarding facility of -[OpenSSH] 6.7 and later to run `lacme-accountd` and [`lacme`(1)] on +[OpenSSH] 6.7 and later to run `lacme-accountd` and [`lacme`(8)] on different hosts. For instance one could store the account key on a machine that is not exposed to the internet. See the **[examples](#examples)** section below. @@ -119,13 +119,13 @@ Run `lacme-accountd` in a first terminal: ~$ lacme-accountd --privkey=file:/path/to/account.key --socket=$XDG_RUNTIME_DIR/S.lacme -Then, while `lacme-accountd` is running, execute locally [`lacme`(1)] in +Then, while `lacme-accountd` is running, execute locally [`lacme`(8)] in another terminal: ~$ sudo lacme --socket=$XDG_RUNTIME_DIR/S.lacme newOrder Alternatively, use [OpenSSH] 6.7 or later to forward the socket and -execute [`lacme`(1)] remotely: +execute [`lacme`(8)] remotely: ~$ ssh -oExitOnForwardFailure=yes -tt -R /path/to/remote.sock:$XDG_RUNTIME_DIR/S.lacme user@example.org \ sudo lacme --socket=/path/to/remote.sock newOrder @@ -133,10 +133,10 @@ execute [`lacme`(1)] remotely: See also ======== -[`lacme`(1)], [`ssh`(1)] +[`lacme`(8)], [`ssh`(1)] [ACME]: https://tools.ietf.org/html/rfc8555 -[`lacme`(1)]: lacme.1.html +[`lacme`(8)]: lacme.8.html [`signal`(7)]: http://linux.die.net/man/7/signal [`gpg`(1)]: https://www.gnupg.org/documentation/manpage.en.html [OpenSSH]: http://www.openssh.com/ |