blob: aedfe2bada29dd5d2aa791608385be95316d0f1b [file] [log] [blame]
.\" Process this file with
.\" groff -man -Tascii foo.1
.TH TLSDATE 1 "OCTOBER 2012" Linux "User Manuals"
tlsdate-helper \- secure parasitic rdate replacement
.B tlsdate-helper host port protocol ca_racket verbose certdir setclock \
showtime timewarp leapaway proxy-type://proxyhost:proxyport httpmode
.B tlsdate-helper
is a tool for setting the system clock by hand or by communication
with the network. It does not set the Real Time Clock. It is designed to be as
secure as TLS (RFC 2246) but of course the security of TLS is often reduced to
whichever CA racket you believe is trustworthy. By default, tlsdate-helper
trusts your local CA root store - so any of these companies could assist in a
MITM attack against you and you'd be screwed.
The proxy argument expects HTTP, SOCKS4A or SOCKS5 formatted as followed:
This tool is designed to be run by hand or as a system daemon. It must be
run as root or otherwise have the proper caps; it will not be able to set
the system time without running as root or another privileged user.
It's likely! Let us know by contacting
Note that
.B tlsdate(1)
is in Beta, and may not work as expected.
Jacob Appelbaum <jacob at appelbaum dot net>
.B tlsdate(1),
.B tlsdated(8),
.B tlsdated.conf(5)