--- gvpe/doc/gvpectrl.8 2005/03/23 21:55:39 1.3 +++ gvpe/doc/gvpectrl.8 2016/11/02 07:06:38 1.9 @@ -1,15 +1,7 @@ -.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14 +.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.30) .\" .\" Standard preamble: .\" ======================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp @@ -25,11 +17,11 @@ .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to -.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' -.\" expand to `' in nroff, nothing in troff, for use with C<>. -.tr \(*W-|\(bv\*(Tr +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- @@ -46,24 +38,36 @@ . ds PI \(*p . ds L" `` . ds R" '' +. ds C` +. ds C' 'br\} .\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" .\" If the F register is turned on, we'll generate index entries on stderr for -.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX +.. +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{ +. if \nF \{ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. -. nr % 0 -. rr F +. if !\nF==2 \{ +. nr % 0 +. nr F 2 +. \} +. \} .\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it makes -.\" way too many mistakes in technical documents. -.hy 0 -.if n .na +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -129,9 +133,13 @@ .\" ======================================================================== .\" .IX Title "GVPECTRL 8" -.TH GVPECTRL 8 "2005-03-23" "1.9" "GNU Virtual Private Ethernet" +.TH GVPECTRL 8 "2016-11-02" "2.25" "GNU Virtual Private Ethernet" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh .SH "NAME" -\&\f(CW\*(C`gvpectrl\*(C'\fR \- GNU Virtual Private Ethernet Control Program +"gvpectrl" \- GNU Virtual Private Ethernet Control Program .SH "SYNOPSIS" .IX Header "SYNOPSIS" \&\f(CW\*(C`gvpectrl\*(C'\fR [\fB\-ckgs\fR] [\fB\-\-config=\fR\fI\s-1DIR\s0\fR] [\fB\-\-generate\-keys\fR] [\fB\-\-help\fR] @@ -144,9 +152,37 @@ .IP "\fB\-c\fR, \fB\-\-config=\fR\fI\s-1DIR\s0\fR" 4 .IX Item "-c, --config=DIR" Read configuration options from \fI\s-1DIR\s0\fR. -.IP "\fB\-g\fR, \fB\-\-generate\-keys\fR" 4 -.IX Item "-g, --generate-keys" -Generate public/private \s-1RSA\s0 keypair and exit. +.IP "\fB\-g\fR, \fB\-\-generate\-key=path\fR" 4 +.IX Item "-g, --generate-key=path" +Generates a single \s-1RSA\s0 key-pair. The public key will be stored in \fI\fIpath\fI\fR +while the private key will be stored in \fI\fIpath\fI .privkey\fR. Neither file must be +non-empty for this to succeed. +.Sp +The public key file \fI\fIpath\fI\fR is normally copied to \fIpubkey/nodename\fR in +the config directory on all nodes, while the private key \fI\fIpath\fI.privkey\fR +should be copied to the file \fIhostkey\fR on the node the key is for. +.Sp +It's recommended to generate the keypair on the node where it will be +used, so that the private key file does not have to travel over the +network. +.IP "\fB\-G\fR, \fB\-\-generate\-keys\fR" 4 +.IX Item "-G, --generate-keys" +Generate public/private \s-1RSA\s0 key-pairs for all nodes not having a key and exit. +.Sp +Note that in normal configurations this will fail, as there cna only be +one private key per host. To make this configuration work you need to +specify separate keyfiles for hostkeys in your config file, e.g.: +.Sp +.Vb 1 +\& private\-key = hostkeys/%s +.Ve +.Sp +Such a configuration makes it easier to distribute a configuration +centrally but requires private keys to be transported securely over the +network. +.IP "\fB\-q\fR, \fB\-\-quiet\fR" 4 +.IX Item "-q, --quiet" +Suppresses messages the author finds nonessential for scripting purposes. .IP "\fB\-\-help\fR" 4 .IX Item "--help" Display short list of options. @@ -163,14 +199,14 @@ Output version information and exit. .SH "BUGS" .IX Header "BUGS" -If you find any bugs, report them to \f(CW\*(C`gvpe@plan9.de\*(C'\fR. +If you find any bugs, report them to \f(CW\*(C`gvpe@schmorp.de\*(C'\fR. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIgvpe\fR\|(5), \fIgvpe.conf\fR\|(5), \fIgvpe\fR\|(8). .PP -gvpe comes with \s-1ABSOLUTELY\s0 \s-1NO\s0 \s-1WARRANTY\s0. This is free software, and you are +\&\s-1GVPE\s0 comes with \s-1ABSOLUTELY NO WARRANTY. \s0 This is free software, and you are welcome to redistribute it under certain conditions; see the file \s-1COPYING\s0 for details. .SH "AUTHOR" .IX Header "AUTHOR" -Marc Lehmann \f(CW\*(C`\*(C'\fR. +Marc Lehmann \f(CW\*(C`\*(C'\fR.