… | |
… | |
131 | .\} |
131 | .\} |
132 | .rm #[ #] #H #V #F C |
132 | .rm #[ #] #H #V #F C |
133 | .\" ======================================================================== |
133 | .\" ======================================================================== |
134 | .\" |
134 | .\" |
135 | .IX Title "GVPE.CONF 5" |
135 | .IX Title "GVPE.CONF 5" |
136 | .TH GVPE.CONF 5 "2015-10-31" "2.25" "GNU Virtual Private Ethernet" |
136 | .TH GVPE.CONF 5 "2016-11-02" "2.25" "GNU Virtual Private Ethernet" |
137 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
137 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
138 | .\" way too many mistakes in technical documents. |
138 | .\" way too many mistakes in technical documents. |
139 | .if n .ad l |
139 | .if n .ad l |
140 | .nh |
140 | .nh |
141 | .SH "NAME" |
141 | .SH "NAME" |
… | |
… | |
579 | the nodename \- any other use of \f(CW\*(C`%\*(C'\fR must be written as \f(CW\*(C`%%\*(C'\fR. |
579 | the nodename \- any other use of \f(CW\*(C`%\*(C'\fR must be written as \f(CW\*(C`%%\*(C'\fR. |
580 | .IP "private-key = relative-path-to-key" 4 |
580 | .IP "private-key = relative-path-to-key" 4 |
581 | .IX Item "private-key = relative-path-to-key" |
581 | .IX Item "private-key = relative-path-to-key" |
582 | Sets the path (relative to the config directory) to the private key |
582 | Sets the path (relative to the config directory) to the private key |
583 | (default: \f(CW\*(C`hostkey\*(C'\fR). This is a printf format string so every \f(CW\*(C`%\*(C'\fR must |
583 | (default: \f(CW\*(C`hostkey\*(C'\fR). This is a printf format string so every \f(CW\*(C`%\*(C'\fR must |
584 | be doubled. A single \f(CW%s\fR is replaced by the hostname, so you could |
584 | be doubled. A single \f(CW%s\fR is replaced by the hostname, so you could use |
585 | use paths like \f(CW\*(C`hostkeys/%s\*(C'\fR to fetch the files at the location where |
585 | paths like \f(CW\*(C`hostkeys/%s\*(C'\fR to be able to share the same config directory |
586 | \&\f(CW\*(C`gvpectrl\*(C'\fR puts them. |
586 | between nodes. |
587 | .Sp |
587 | .Sp |
588 | Since only the private key file of the current node is used and the |
588 | Since only the private key file of the current node is used and the |
589 | private key file should be kept secret per-node to avoid spoofing, it is |
589 | private key file should be kept secret per-node to avoid spoofing, it is |
590 | not recommended to use this feature. |
590 | not recommended to use this feature this way though. |
591 | .IP "rekey = seconds" 4 |
591 | .IP "rekey = seconds" 4 |
592 | .IX Item "rekey = seconds" |
592 | .IX Item "rekey = seconds" |
593 | Sets the rekeying interval in seconds (default: \f(CW3607\fR). Connections are |
593 | Sets the rekeying interval in seconds (default: \f(CW3607\fR). Connections are |
594 | reestablished every \f(CW\*(C`rekey\*(C'\fR seconds, making them use a new encryption |
594 | reestablished every \f(CW\*(C`rekey\*(C'\fR seconds, making them use a new encryption |
595 | key. |
595 | key. |