diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-03-21 14:37:27 -0400 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-03-21 14:37:27 -0400 |
commit | c9ba92ef62376bbf01da1eac96cd5a2b5eb65a66 (patch) | |
tree | 19a61840175d2fb16ea51dedf49abd45d2417774 /doc/appendix/guides/authentication.txt | |
parent | f36c89f5e78a3a2fcd9ad4b38b8670895883bd38 (diff) | |
parent | e88c029c6fdbedb038443c8cbe52206d9ca9c1a2 (diff) | |
download | bcfg2-c9ba92ef62376bbf01da1eac96cd5a2b5eb65a66.tar.gz bcfg2-c9ba92ef62376bbf01da1eac96cd5a2b5eb65a66.tar.bz2 bcfg2-c9ba92ef62376bbf01da1eac96cd5a2b5eb65a66.zip |
Merge branch 'maint'
Diffstat (limited to 'doc/appendix/guides/authentication.txt')
-rw-r--r-- | doc/appendix/guides/authentication.txt | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/doc/appendix/guides/authentication.txt b/doc/appendix/guides/authentication.txt index 3fd0e1e2d..b8ec82590 100644 --- a/doc/appendix/guides/authentication.txt +++ b/doc/appendix/guides/authentication.txt @@ -132,13 +132,26 @@ controlled through the use of the auth attribute in Allowed values are: - +---------------+------------------------------------------+ - | **Auth Type** | **Meaning** | - +===============+==========================================+ - | cert | Certificates must be used | - +---------------+------------------------------------------+ - | cert+password | Certificate or password may be used | - +---------------+------------------------------------------+ - | bootstrap | Password can be used for one client run, | - | | after that certificate is required | - +---------------+------------------------------------------+ ++-------------------+------------------------------------------+ +| Auth Type | Meaning | ++===================+==========================================+ +| ``cert`` | Certificates must be used | ++-------------------+------------------------------------------+ +| ``cert+password`` | Certificate or password may be used. If | +| | a certificate is used, the password must | +| | also be used. | ++-------------------+------------------------------------------+ +| ``bootstrap`` | Password can be used for one client run, | +| | after that only certificate is allowed | ++-------------------+------------------------------------------+ + +``cert+password`` is the default. This can be changed by setting the +``authentication`` parameter in the ``[communcation]`` section of +``bcfg2.conf``. For instance, to set ``bootstrap`` mode as the global +default, you would add the following to ``bcfg2.conf``:: + + [communication] + authentication = bootstrap + +``bootstrap`` mode is currently incompatible with the +:ref:`server-plugins-grouping-metadata-clients-database`. |