| 1 |
pcg |
1.1 |
=head1 NAME |
| 2 |
|
|
|
| 3 |
|
|
C<gvpectrl> - GNU Virtual Private Ethernet Control Program |
| 4 |
|
|
|
| 5 |
|
|
=head1 SYNOPSIS |
| 6 |
|
|
|
| 7 |
|
|
C<gvpectrl> [B<-ckgs>] [B<--config=>I<DIR>] [B<--generate-keys>] [B<--help>] |
| 8 |
|
|
[B<--kill>[B<=>I<SIGNAL>]] [B<--show-config>] [B<--version>] |
| 9 |
|
|
|
| 10 |
|
|
=head1 DESCRIPTION |
| 11 |
|
|
|
| 12 |
|
|
This is the control program for the C<gvpe>, the virtual private ethernet daemon. |
| 13 |
|
|
|
| 14 |
|
|
=head1 OPTIONS |
| 15 |
|
|
|
| 16 |
|
|
=over 4 |
| 17 |
|
|
|
| 18 |
|
|
=item B<-c>, B<--config=>I<DIR> |
| 19 |
|
|
|
| 20 |
|
|
Read configuration options from I<DIR>. |
| 21 |
|
|
|
| 22 |
root |
1.6 |
=item B<-g>, B<--generate-key=path> |
| 23 |
pcg |
1.1 |
|
| 24 |
root |
1.6 |
Generates a single RSA key-pair. The public key will be stored in F<< I<path> >> |
| 25 |
|
|
while the private key will be stored in F<< I<path> .privkey >>. Neither file must be |
| 26 |
|
|
non-empty for this to succeed. |
| 27 |
|
|
|
| 28 |
|
|
The public key file F<< I<path> >> is normally copied to F<pubkey/nodename> in |
| 29 |
|
|
the config directory on all nodes, while the private key F<< I<path>.privkey >> |
| 30 |
|
|
should be copied to the file F<hostkey> on the node the key is for. |
| 31 |
|
|
|
| 32 |
|
|
It's recommended to generate the keypair on the node where it will be |
| 33 |
|
|
used, so that the private key file does not have to travel over the |
| 34 |
|
|
network. |
| 35 |
|
|
|
| 36 |
|
|
=item B<-G>, B<--generate-keys> |
| 37 |
|
|
|
| 38 |
|
|
Generate public/private RSA key-pairs for all nodes not having a key and exit. |
| 39 |
|
|
|
| 40 |
|
|
Note that in normal configurations this will fail, as there cna only be |
| 41 |
|
|
one private key per host. To make this configuration work you need to |
| 42 |
|
|
specify separate keyfiles for hostkeys in your config file, e.g.: |
| 43 |
|
|
|
| 44 |
|
|
private-key = hostkeys/%s |
| 45 |
|
|
|
| 46 |
|
|
Such a configuration makes it easier to distribute a configuration |
| 47 |
|
|
centrally but requires private keys to be transported securely over the |
| 48 |
|
|
network. |
| 49 |
pcg |
1.1 |
|
| 50 |
pcg |
1.4 |
=item B<-q>, B<--quiet> |
| 51 |
|
|
|
| 52 |
|
|
Suppresses messages the author finds nonessential for scripting purposes. |
| 53 |
|
|
|
| 54 |
pcg |
1.1 |
=item B<--help> |
| 55 |
|
|
|
| 56 |
|
|
Display short list of options. |
| 57 |
|
|
|
| 58 |
|
|
=item B<--kill>[B<=>I<SIGNAL>] |
| 59 |
|
|
|
| 60 |
|
|
Attempt to kill a running C<gvpectrl> (optionally with the specified |
| 61 |
|
|
I<SIGNAL> instead of C<SIGTERM>) and exit. |
| 62 |
|
|
|
| 63 |
|
|
=item B<--show-config> |
| 64 |
|
|
|
| 65 |
|
|
Show a summary of the configuration, and how gvpe interprets it. Can also be very useful |
| 66 |
|
|
when designing firewall scripts. |
| 67 |
|
|
|
| 68 |
|
|
=item B<--version> |
| 69 |
|
|
|
| 70 |
|
|
Output version information and exit. |
| 71 |
|
|
|
| 72 |
|
|
=back |
| 73 |
|
|
|
| 74 |
|
|
=head1 BUGS |
| 75 |
|
|
|
| 76 |
pcg |
1.3 |
If you find any bugs, report them to C<gvpe@schmorp.de>. |
| 77 |
pcg |
1.1 |
|
| 78 |
|
|
=head1 SEE ALSO |
| 79 |
|
|
|
| 80 |
|
|
gvpe(5), gvpe.conf(5), gvpe(8). |
| 81 |
|
|
|
| 82 |
pcg |
1.5 |
GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are |
| 83 |
pcg |
1.1 |
welcome to redistribute it under certain conditions; see the file COPYING |
| 84 |
|
|
for details. |
| 85 |
|
|
|
| 86 |
pcg |
1.2 |
=head1 AUTHOR |
| 87 |
pcg |
1.1 |
|
| 88 |
pcg |
1.3 |
Marc Lehmann C<< <gvpe@schmorp.de> >>. |
| 89 |
pcg |
1.2 |
|
