… | |
… | |
131 | .\} |
131 | .\} |
132 | .rm #[ #] #H #V #F C |
132 | .rm #[ #] #H #V #F C |
133 | .\" ======================================================================== |
133 | .\" ======================================================================== |
134 | .\" |
134 | .\" |
135 | .IX Title "GVPECTRL 8" |
135 | .IX Title "GVPECTRL 8" |
136 | .TH GVPECTRL 8 "2015-10-31" "2.25" "GNU Virtual Private Ethernet" |
136 | .TH GVPECTRL 8 "2016-11-02" "2.25" "GNU Virtual Private Ethernet" |
137 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
137 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
138 | .\" way too many mistakes in technical documents. |
138 | .\" way too many mistakes in technical documents. |
139 | .if n .ad l |
139 | .if n .ad l |
140 | .nh |
140 | .nh |
141 | .SH "NAME" |
141 | .SH "NAME" |
… | |
… | |
150 | .SH "OPTIONS" |
150 | .SH "OPTIONS" |
151 | .IX Header "OPTIONS" |
151 | .IX Header "OPTIONS" |
152 | .IP "\fB\-c\fR, \fB\-\-config=\fR\fI\s-1DIR\s0\fR" 4 |
152 | .IP "\fB\-c\fR, \fB\-\-config=\fR\fI\s-1DIR\s0\fR" 4 |
153 | .IX Item "-c, --config=DIR" |
153 | .IX Item "-c, --config=DIR" |
154 | Read configuration options from \fI\s-1DIR\s0\fR. |
154 | Read configuration options from \fI\s-1DIR\s0\fR. |
|
|
155 | .IP "\fB\-g\fR, \fB\-\-generate\-key=path\fR" 4 |
|
|
156 | .IX Item "-g, --generate-key=path" |
|
|
157 | Generates a single \s-1RSA\s0 key-pair. The public key will be stored in \fI\fIpath\fI\fR |
|
|
158 | while the private key will be stored in \fI\fIpath\fI .privkey\fR. Neither file must be |
|
|
159 | non-empty for this to succeed. |
|
|
160 | .Sp |
|
|
161 | The public key file \fI\fIpath\fI\fR is normally copied to \fIpubkey/nodename\fR in |
|
|
162 | the config directory on all nodes, while the private key \fI\fIpath\fI.privkey\fR |
|
|
163 | should be copied to the file \fIhostkey\fR on the node the key is for. |
|
|
164 | .Sp |
|
|
165 | It's recommended to generate the keypair on the node where it will be |
|
|
166 | used, so that the private key file does not have to travel over the |
|
|
167 | network. |
155 | .IP "\fB\-g\fR, \fB\-\-generate\-keys\fR" 4 |
168 | .IP "\fB\-G\fR, \fB\-\-generate\-keys\fR" 4 |
156 | .IX Item "-g, --generate-keys" |
169 | .IX Item "-G, --generate-keys" |
157 | Generate public/private \s-1RSA\s0 key-pair and exit. |
170 | Generate public/private \s-1RSA\s0 key-pairs for all nodes not having a key and exit. |
|
|
171 | .Sp |
|
|
172 | Note that in normal configurations this will fail, as there cna only be |
|
|
173 | one private key per host. To make this configuration work you need to |
|
|
174 | specify separate keyfiles for hostkeys in your config file, e.g.: |
|
|
175 | .Sp |
|
|
176 | .Vb 1 |
|
|
177 | \& private\-key = hostkeys/%s |
|
|
178 | .Ve |
|
|
179 | .Sp |
|
|
180 | Such a configuration makes it easier to distribute a configuration |
|
|
181 | centrally but requires private keys to be transported securely over the |
|
|
182 | network. |
158 | .IP "\fB\-q\fR, \fB\-\-quiet\fR" 4 |
183 | .IP "\fB\-q\fR, \fB\-\-quiet\fR" 4 |
159 | .IX Item "-q, --quiet" |
184 | .IX Item "-q, --quiet" |
160 | Suppresses messages the author finds nonessential for scripting purposes. |
185 | Suppresses messages the author finds nonessential for scripting purposes. |
161 | .IP "\fB\-\-help\fR" 4 |
186 | .IP "\fB\-\-help\fR" 4 |
162 | .IX Item "--help" |
187 | .IX Item "--help" |