--- gvpe/doc/gvpectrl.8.pod 2005/06/21 08:46:53 1.3 +++ gvpe/doc/gvpectrl.8.pod 2016/11/02 06:54:13 1.6 @@ -19,9 +19,37 @@ Read configuration options from I. -=item B<-g>, B<--generate-keys> +=item B<-g>, B<--generate-key=path> -Generate public/private RSA keypair and exit. +Generates a single RSA key-pair. The public key will be stored in F<< I >> +while the private key will be stored in F<< I .privkey >>. Neither file must be +non-empty for this to succeed. + +The public key file F<< I >> is normally copied to F in +the config directory on all nodes, while the private key F<< I.privkey >> +should be copied to the file F on the node the key is for. + +It's recommended to generate the keypair on the node where it will be +used, so that the private key file does not have to travel over the +network. + +=item B<-G>, B<--generate-keys> + +Generate public/private RSA key-pairs for all nodes not having a key and exit. + +Note that in normal configurations this will fail, as there cna only be +one private key per host. To make this configuration work you need to +specify separate keyfiles for hostkeys in your config file, e.g.: + + private-key = hostkeys/%s + +Such a configuration makes it easier to distribute a configuration +centrally but requires private keys to be transported securely over the +network. + +=item B<-q>, B<--quiet> + +Suppresses messages the author finds nonessential for scripting purposes. =item B<--help> @@ -51,7 +79,7 @@ gvpe(5), gvpe.conf(5), gvpe(8). -gvpe comes with ABSOLUTELY NO WARRANTY. This is free software, and you are +GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions; see the file COPYING for details.