1 |
=head1 NAME |
2 |
|
3 |
C<gvpectrl> - GNU Virtual Private Ethernet Control Program |
4 |
|
5 |
=head1 SYNOPSIS |
6 |
|
7 |
C<gvpectrl> [B<-ckgs>] [B<--config=>I<DIR>] [B<--generate-keys>] [B<--help>] |
8 |
[B<--kill>[B<=>I<SIGNAL>]] [B<--show-config>] [B<--version>] |
9 |
|
10 |
=head1 DESCRIPTION |
11 |
|
12 |
This is the control program for the C<gvpe>, the virtual private ethernet daemon. |
13 |
|
14 |
=head1 OPTIONS |
15 |
|
16 |
=over 4 |
17 |
|
18 |
=item B<-c>, B<--config=>I<DIR> |
19 |
|
20 |
Read configuration options from I<DIR>. |
21 |
|
22 |
=item B<-g>, B<--generate-key=path> |
23 |
|
24 |
Generates a single RSA key-pair. The public key will be stored in F<< I<path> >> |
25 |
while the private key will be stored in F<< I<path> .privkey >>. Neither file must be |
26 |
non-empty for this to succeed. |
27 |
|
28 |
The public key file F<< I<path> >> is normally copied to F<pubkey/nodename> in |
29 |
the config directory on all nodes, while the private key F<< I<path>.privkey >> |
30 |
should be copied to the file F<hostkey> on the node the key is for. |
31 |
|
32 |
It's recommended to generate the keypair on the node where it will be |
33 |
used, so that the private key file does not have to travel over the |
34 |
network. |
35 |
|
36 |
=item B<-G>, B<--generate-keys> |
37 |
|
38 |
Generate public/private RSA key-pairs for all nodes not having a key and exit. |
39 |
|
40 |
Note that in normal configurations this will fail, as there cna only be |
41 |
one private key per host. To make this configuration work you need to |
42 |
specify separate keyfiles for hostkeys in your config file, e.g.: |
43 |
|
44 |
private-key = hostkeys/%s |
45 |
|
46 |
Such a configuration makes it easier to distribute a configuration |
47 |
centrally but requires private keys to be transported securely over the |
48 |
network. |
49 |
|
50 |
=item B<-q>, B<--quiet> |
51 |
|
52 |
Suppresses messages the author finds nonessential for scripting purposes. |
53 |
|
54 |
=item B<--help> |
55 |
|
56 |
Display short list of options. |
57 |
|
58 |
=item B<--kill>[B<=>I<SIGNAL>] |
59 |
|
60 |
Attempt to kill a running C<gvpectrl> (optionally with the specified |
61 |
I<SIGNAL> instead of C<SIGTERM>) and exit. |
62 |
|
63 |
=item B<--show-config> |
64 |
|
65 |
Show a summary of the configuration, and how gvpe interprets it. Can also be very useful |
66 |
when designing firewall scripts. |
67 |
|
68 |
=item B<--version> |
69 |
|
70 |
Output version information and exit. |
71 |
|
72 |
=back |
73 |
|
74 |
=head1 BUGS |
75 |
|
76 |
If you find any bugs, report them to C<gvpe@schmorp.de>. |
77 |
|
78 |
=head1 SEE ALSO |
79 |
|
80 |
gvpe(5), gvpe.conf(5), gvpe(8). |
81 |
|
82 |
GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are |
83 |
welcome to redistribute it under certain conditions; see the file COPYING |
84 |
for details. |
85 |
|
86 |
=head1 AUTHOR |
87 |
|
88 |
Marc Lehmann C<< <gvpe@schmorp.de> >>. |
89 |
|