\h'-\w'\fB\\$1\ \fP'u'\fB\\$1\ \fP\c
.TH tripe 8 "10 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
tripe \- a simple VPN daemon
program is a server which can provide strong IP-level encryption and
authentication between two co-operating hosts. The program and its
protocol are deliberately very simple, to make analysing them easy and
to help build trust rapidly in the system.
server manages a number of secure connections to other `peer' hosts.
Each daemon is given a private key of its own, and a file of public keys
for the peers with which it is meant to communicate. It is responsible
for negotiating sets of symmetric keys with its peers, and for
encrypting, encapsulating and sending IP packets to its peers, and
decrypting, checking and de-encapsulating packets it receives from
When the server starts, it creates a Unix-domain socket on which it
listens for administration commands. It also logs warnings and
diagnostic information to the programs connected to its admin socket.
Clients connected to the socket can add new peers, and remove or find
out about existing peers. The textual protocol used to give the
server admin commands is described in
is provided to allow commands to be sent to the server either
interactively or by simple scripts.
.SS "Command-line arguments"
If not given any command-line arguments,
will initialize by following these steps:
It changes directory to
It acquires a UDP socket with an arbitrary kernel-selected port number.
It will use this socket to send and receive all communications with its
peer servers. The port chosen may be discovered by means of the
.BR tripe\-admin (5)).
It loads the private key with the tag or type name
from the Catacomb-format file
ready for extracting the public keys of peers as they're introduced.
(The format of these files is described in
They are maintained using the program
provided with the Catacomb distribution.)
It creates and listens to the Unix-domain socket
Following this, the server enters its main loop, accepting admin
connections and obeying any administrative commands, and communicating
with peers. It also treats its standard input and standard output
streams as an admin connection, reading commands from standard input and
writing responses and diagnostic messages to standard output.
Much of this behaviour may be altered by giving
suitable command-line options:
Writes a brief description of the command-line options available to
standard output and exits with status 0.
.B "\-v, \-\-version"
version number to standard output and exits with status 0.
Writes a brief usage summary to standard output and exits with status 0.
Dissociates from its terminal and starts running in the background after
completing the initialization procedure described above. If running as
will not read commands from standard input or write diagnostics to
standard output. A better way to start
in the background is with
.BI "\-d, \-\-directory=" dir
the current directory, instead of
Give a current directory of
if you don't want it to change directory at all.
.BI "\-p, \-\-port=" port
Use the specified UDP port for all communications with peers, rather
than an arbitrary kernel-assigned port.
.BI "\-k, \-\-priv\-keyring=" file
Reads the private key from
rather than the default
.BI "\-K, \-\-pub\-keyring=" file
Reads public keys from
rather than the default
This can be the same as the private keyring, but that's not recommended.
.BI "\-t, \-\-tag=" tag
Uses the private key whose tag or type is
rather than the default
.BI "\-a, \-\-admin\-socket=" socket
Accept admin connections to a Unix-domain socket named
rather than the default
.BI "\-T, \-\-trace=" trace-opts
Allows the enabling or disabling of various internal diagnostics. See
below for the list of options.
The TrIPE protocol requires all cooperating hosts to be using keys
with the same group parameters. A suitable group may be created with the
key add \-adh\-param \-LS \-b2048 \-B256 \e
\-eforever \-tparam tripe\-dh\-param
This creates a `parameters' key labelled
in your keyring file: it doesn't contain any secrets. You may vary the
to taste: the ones given provide good security, at the expense of
performance. Even so, from a cryptographic point of view, these keys
will be the weak point in the security of the system. Generation of the
group parameters can take a few minutes.
You should extract the parameters from your keyring and distribute them
(securely) to the other administrators. The parameters may be extracted
from your keyring with the command:
key extract param param
This may be merged into a keyring with:
Once your keyring contains the parameters, a suitable key can be created
key add \-adh \-pparam \-e"now + 1 year" tripe\-dh
This creates a Diffie-Hellman key using the parameters from key
which expires in one year. The new key has type
The program's name is
all in lower-case. The name of the protocol it uses is `TrIPE', with
four capital letters and one lower-case. The name stands for `Trivial
It's too easy to deny service during key exchange. If both ends are
honest, they'll notice any interference and resend their packets, but
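.PP
The following start-up wrapper is an added example; it is not part of the
tripe or Catacomb distributions. It checks the values that will be passed
through the options listed above (a sane UDP port, readable keyrings that
are distinct files, a private keyring that is not group- or world-readable,
an existing working directory) before starting the daemon, and it wraps the
key-generation commands from the key setup section in a function. The
directory and socket under /etc/tripe, the port 4070 and the key tags are
placeholders chosen for this example; the flags used are the ones documented
above.

```sh
#!/bin/sh
# Added example: a start-up wrapper for tripe(8).  Not part of tripe or
# Catacomb.  Paths under /etc/tripe, port 4070 and the key tags are
# placeholders for this example; -d -p -k -K -t -a are tripe's own options.

# check_port PORT: true if PORT is a decimal number in 1..65535.
check_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# check_keyrings PRIV PUB: both keyrings must be readable regular files; the
# public keyring must not be the same file as the private one (the manual
# allows it but recommends against it), and the private keyring must not be
# readable by group or others.
check_keyrings() {
    priv=$1 pub=$2
    [ -f "$priv" ] && [ -r "$priv" ] || return 1
    [ -f "$pub" ] && [ -r "$pub" ] || return 1
    if [ "$priv" -ef "$pub" ]; then return 1; fi
    # columns 5-10 of `ls -l' are the group and other permission bits
    case "$(ls -ld "$priv" | cut -c5-10)" in
        ------) return 0 ;;
        *) return 1 ;;
    esac
}

# check_dir DIR: the directory given with -d must exist and be searchable.
check_dir() {
    [ -d "$1" ] && [ -x "$1" ]
}

# tripe_args DIR PORT PRIV PUB TAG SOCK: validate each option value and print
# the resulting tripe options, one argument per line.
tripe_args() {
    dir=$1 port=$2 priv=$3 pub=$4 tag=$5 sock=$6
    check_dir "$dir" || { echo "bad directory: $dir" >&2; return 1; }
    check_port "$port" || { echo "bad port: $port" >&2; return 1; }
    check_keyrings "$priv" "$pub" || { echo "bad keyrings" >&2; return 1; }
    printf '%s\n' -d "$dir" -p "$port" -k "$priv" -K "$pub" -t "$tag" -a "$sock"
}

# make_keys: the key-generation steps from the manual page, run in the
# current directory's keyring.  The extracted `param' file holds no secrets
# and is what gets copied to the other administrators; `tripe-dh' is this
# host's own key and stays local.
make_keys() {
    key add -adh-param -LS -b2048 -B256 -eforever -tparam tripe-dh-param &&
    key add -adh -pparam -e"now + 1 year" tripe-dh &&
    key extract param param
}

# start_tripe DIR PORT PRIV PUB TAG SOCK: run the checks, then replace this
# shell with tripe in the foreground (leave backgrounding to the supervisor).
start_tripe() {
    tripe_args "$@" >/dev/null || return 1
    exec tripe -d "$1" -p "$2" -k "$3" -K "$4" -t "$5" -a "$6"
}

# Only start the daemon when explicitly asked, so the file can be sourced
# for its functions.
if [ "${TRIPE_WRAPPER_RUN:-0}" = 1 ]; then
    start_tripe /etc/tripe 4070 /etc/tripe/keyring /etc/tripe/keyring.pub \
        tripe-dh /etc/tripe/tripesock
fi
```

Run it as
.B TRIPE_WRAPPER_RUN=1 sh tripe-start.sh
from a supervisor; a failed check prints the reason on standard error and
exits non-zero instead of starting a daemon with a world-readable private
keyring or a port it cannot bind.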
it's possible to delay successful negotiation for as long as desired by
sending bogus key exchange messages.
The code hasn't been audited. It may contain security bugs. If you
find one, please inform the author
.BR tripe\-admin (5).
.IR "The Trivial IP Encryption Protocol" ,
.IR "The Wrestlers Protocol" .
Mark Wooding, <mdw@nsict.org>