/mandos/trunk

To get this branch, use:
bzr branch /loggerhead/mandos/trunk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE para PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<para>
  This is part of the Mandos system for allowing computers to have
  encrypted root file systems and at the same time be capable of
  remote and/or unattended reboots.  The computers run a small client
  program in the initial <acronym>RAM</acronym> disk environment which
  will communicate with a server over a network.  All network
  communication is encrypted using <acronym>TLS</acronym>.  The
  clients are identified by the server using a TLS key; each client
  has one unique to it.  The server sends the clients an encrypted
  password.  The encrypted password is decrypted by the clients using
  a separate OpenPGP key, and the password is then used to unlock the
  root file system, whereupon the computers can continue booting
  normally.
</para>