1 |
pcg |
1.1 |
=head1 NAME |
2 |
|
|
|
3 |
|
|
C<gvpectrl> - GNU Virtual Private Ethernet Control Program |
4 |
|
|
|
5 |
|
|
=head1 SYNOPSIS |
6 |
|
|
|
7 |
|
|
C<gvpectrl> [B<-ckgs>] [B<--config=>I<DIR>] [B<--generate-keys>] [B<--help>] |
8 |
|
|
[B<--kill>[B<=>I<SIGNAL>]] [B<--show-config>] [B<--version>] |
9 |
|
|
|
10 |
|
|
=head1 DESCRIPTION |
11 |
|
|
|
12 |
|
|
This is the control program for the C<gvpe>, the virtual private ethernet daemon. |
13 |
|
|
|
14 |
|
|
=head1 OPTIONS |
15 |
|
|
|
16 |
|
|
=over 4 |
17 |
|
|
|
18 |
|
|
=item B<-c>, B<--config=>I<DIR> |
19 |
|
|
|
20 |
|
|
Read configuration options from I<DIR>. |
21 |
|
|
|
22 |
root |
1.6 |
=item B<-g>, B<--generate-key=path> |
23 |
pcg |
1.1 |
|
24 |
root |
1.6 |
Generates a single RSA key-pair. The public key will be stored in F<< I<path> >> |
25 |
|
|
while the private key will be stored in F<< I<path> .privkey >>. Neither file must be |
26 |
|
|
non-empty for this to succeed. |
27 |
|
|
|
28 |
|
|
The public key file F<< I<path> >> is normally copied to F<pubkey/nodename> in |
29 |
|
|
the config directory on all nodes, while the private key F<< I<path>.privkey >> |
30 |
|
|
should be copied to the file F<hostkey> on the node the key is for. |
31 |
|
|
|
32 |
|
|
It's recommended to generate the keypair on the node where it will be |
33 |
|
|
used, so that the private key file does not have to travel over the |
34 |
|
|
network. |
35 |
|
|
|
36 |
|
|
=item B<-G>, B<--generate-keys> |
37 |
|
|
|
38 |
|
|
Generate public/private RSA key-pairs for all nodes not having a key and exit. |
39 |
|
|
|
40 |
|
|
Note that in normal configurations this will fail, as there cna only be |
41 |
|
|
one private key per host. To make this configuration work you need to |
42 |
|
|
specify separate keyfiles for hostkeys in your config file, e.g.: |
43 |
|
|
|
44 |
|
|
private-key = hostkeys/%s |
45 |
|
|
|
46 |
|
|
Such a configuration makes it easier to distribute a configuration |
47 |
|
|
centrally but requires private keys to be transported securely over the |
48 |
|
|
network. |
49 |
pcg |
1.1 |
|
50 |
pcg |
1.4 |
=item B<-q>, B<--quiet> |
51 |
|
|
|
52 |
|
|
Suppresses messages the author finds nonessential for scripting purposes. |
53 |
|
|
|
54 |
pcg |
1.1 |
=item B<--help> |
55 |
|
|
|
56 |
|
|
Display short list of options. |
57 |
|
|
|
58 |
|
|
=item B<--kill>[B<=>I<SIGNAL>] |
59 |
|
|
|
60 |
|
|
Attempt to kill a running C<gvpectrl> (optionally with the specified |
61 |
|
|
I<SIGNAL> instead of C<SIGTERM>) and exit. |
62 |
|
|
|
63 |
|
|
=item B<--show-config> |
64 |
|
|
|
65 |
|
|
Show a summary of the configuration, and how gvpe interprets it. Can also be very useful |
66 |
|
|
when designing firewall scripts. |
67 |
|
|
|
68 |
|
|
=item B<--version> |
69 |
|
|
|
70 |
|
|
Output version information and exit. |
71 |
|
|
|
72 |
|
|
=back |
73 |
|
|
|
74 |
|
|
=head1 BUGS |
75 |
|
|
|
76 |
pcg |
1.3 |
If you find any bugs, report them to C<gvpe@schmorp.de>. |
77 |
pcg |
1.1 |
|
78 |
|
|
=head1 SEE ALSO |
79 |
|
|
|
80 |
|
|
gvpe(5), gvpe.conf(5), gvpe(8). |
81 |
|
|
|
82 |
pcg |
1.5 |
GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are |
83 |
pcg |
1.1 |
welcome to redistribute it under certain conditions; see the file COPYING |
84 |
|
|
for details. |
85 |
|
|
|
86 |
pcg |
1.2 |
=head1 AUTHOR |
87 |
pcg |
1.1 |
|
88 |
pcg |
1.3 |
Marc Lehmann C<< <gvpe@schmorp.de> >>. |
89 |
pcg |
1.2 |
|