diff options
| author | Joey Hess <joeyh@debian.org> | 2014-07-09 22:11:31 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@debian.org> | 2014-07-09 22:11:31 -0400 |
| commit | f118c369d3240b656e4fef77b6efc758b3f714eb (patch) | |
| tree | 0a3e0c6e134680e35665364b2cd6895863bcc990 /doc/security.mdwn | |
| parent | 17b21794a72f6cfaddda321d6f2cbdb87ce3dee0 (diff) | |
| parent | 82da31b3e0e9acdfbca4c48eb12ab1f28515ba10 (diff) | |
Record propellor (0.8.1) in archive suite sid
Diffstat (limited to 'doc/security.mdwn')
| -rw-r--r-- | doc/security.mdwn | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn index 5576bf06..075d68ec 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -27,10 +27,11 @@ Since the propoellor git repository is public, you can't store in cleartext private data such as passwords, ssh private keys, etc. Instead, `propellor --spin $host` looks for a -`~/.propellor/privdata/$host.gpg` file and if found decrypts it and sends -it to the remote host using ssh. This lets a remote host know its own -private data, without seeing all the rest. +`~/.propellor/privdata/privdata.gpg` file and if found decrypts it, +extracts the private that that the $host needs, and sends it to to the +$host using ssh. This lets a host know its own private data, without +seeing all the rest. -To securely store private data, use: `propellor --set $host $field` -The field name will be something like 'Password "root"'; see PrivData.hs -for available fields. +To securely store private data, use: `propellor --set $field $context` +Propellor will tell you the details when you use a Property that needs +PrivData. |