diff options
author | June McEnroe <june@causal.agency> | 2019-11-06 22:37:57 -0500 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2019-11-06 22:37:57 -0500 |
commit | 875b57fb9b1bd07f7e13c0391087d8d667327099 (patch) | |
tree | 1e641d0e63906d671d3e11a2e0029cb40512efc3 | |
parent | Document pounce service configuration (diff) | |
download | pounce-875b57fb9b1bd07f7e13c0391087d8d667327099.tar.gz pounce-875b57fb9b1bd07f7e13c0391087d8d667327099.zip |
Document SASL EXTERNAL configuration in more detail
Diffstat (limited to '')
-rw-r--r-- | pounce.1 | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/pounce.1 b/pounce.1 index 35a2dd9..52bd9f0 100644 --- a/pounce.1 +++ b/pounce.1 @@ -164,6 +164,8 @@ Certificates can be generated with Authenticate using SASL EXTERNAL. The TLS client certificate is loaded with .Fl c . +For more information, see +.Sx Configuring SASL EXTERNAL . . .It Fl f Ar path , Cm save = Ar path Load the contents of the buffer from @@ -247,6 +249,36 @@ specified by and .Fl K . . +.Ss Configuring SASL EXTERNAL +.Bl -enum +.It +Generate a new TLS client certificate: +.Bd -literal -offset indent +pounce -g example.pem +.Ed +.It +Connect to the server using the certificate: +.Bd -literal -offset indent +client-cert = example.pem +# or: pounce -c example.pem +.Ed +.It +Identify with services or use +.Cm sasl-plain , +then add the certificate fingerprint to your account: +.Bd -literal -offset indent +/msg NickServ CERT ADD +.Ed +.It +Enable SASL EXTERNAL +to require successful authentication when connecting: +.Bd -literal -offset indent +client-cert = example.pem +sasl-external +# or: pounce -e -c example.pem +.Ed +.El +. .Ss Service Configuration Add the following to .Pa /etc/rc.conf |