server/tests.at (server retry): Use the new `WITH_STRACE' macro.

[tripe] / server / tripe.8.in

diff --git a/server/tripe.8.in b/server/tripe.8.in
index f43ab5f8ca4b8d9155390618a9a98c80f4ada28e..fd0209d728f82f861de8d1e43e760c5b2cae3131 100644 (file)
--- a/server/tripe.8.in
+++ b/server/tripe.8.in
@@ -27,7 +27,7 @@
 .so ../common/defs.man \" @@@PRE@@@
 .
 .\"--------------------------------------------------------------------------
-.TH tripe 8 "10 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
+.TH tripe 8tripe "10 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
 .
 .\"--------------------------------------------------------------------------
 .SH "NAME"
@@ -55,6 +55,8 @@ tripe \- a simple VPN daemon
 .IR group ]
 .RB [ \-a
 .IR socket ]
+.RB [ \-m
+.IR mode ]
 .RB [ \-T
 .IR trace-opts ]
 .br
@@ -221,9 +223,13 @@ option.  The selected user (and group) will also be the owner of the
 administration socket.
 .TP
 .BI "\-G, \-\-setgid=" group
-Set gid to that of
+If the current effective uid is zero (i.e., the daemon was invoked as
+.BR root )
+then set gid to that of
 .I group
-(either a group name or integer gid) after initialization.
+(either a group name or integer gid) after initialization.  In any
+event, arrange hat the administration socket be owned by the given
+.IR group .
 .TP
 .BI "\-k, \-\-priv\-keyring=" file
 Reads the private key from
@@ -256,6 +262,16 @@ if that's not set either, then a default default of
 .B "\*(/s/tripesock"
 is used instead.
 .TP
+.BI "\-m, \-\-admin\-perms=" mode
+Permissions (as an octal number) to set on the administration socket.  The
+default is 600, which allows only the socket owner.  Setting 660 allows
+members of the
+.I group
+configured through the
+.B \-G
+option to connect to the socket, which may be useful.  Allowing world access
+is a terrible idea.
+.TP
 .BI "\-T, \-\-trace=" trace-opts
 Allows the enabling or disabling of various internal diagnostics.  See
 below for the list of options.
@@ -344,6 +360,15 @@ uses are Blowfish (by Schneier) for symmetric encryption, and RIPEMD-160
 mode, designed by Bellare, Canetti and Krawczyk).  These can all be
 overridden by setting attributes on your private key, as follows.
 .TP
+.B bulk
+Names the bulk-crypto transform to use.  See below.
+.TP
+.B blkc
+Names a block cipher, used by some bulk-crypto transforms (e.g.,
+.BR iiv ).  The default is to use the block cipher underlying the chosen
+.BR cipher ,
+if any.
+.TP
 .B cipher
 Names the symmetric encryption scheme to use.  The default is
 .BR blowfish\-cbc .
@@ -364,6 +389,26 @@ at half the underlying hash function's output length.
 A `mask-generation function', used in the key-exchange.  The default is
 .IB hash \-mgf
 and there's no good reason to change it.
+.PP
+The available bulk-crypto transforms are as follows.
+.TP
+.B v0
+Originally this was the only transform available.  It's a standard
+generic composition of a CPA-secure symmetric encryption scheme with a
+MAC; initialization vectors for symmetric encryption are chosen at
+random and included explicitly in the cryptogram.
+.TP
+.B iiv
+A newer `implicit-IV' transform.  Rather than having an explicit random
+IV, the IV is computed from the sequence number using a block cipher.
+This has two advantages over the
+.B v0
+transform.  Firstly, it adds less overhead to encrypted messages
+(because the IV no longer needs to be sent explicitly).  Secondly, and
+more significantly, the transform is entirely deterministic, so (a) it
+doesn't need the (possibly slow) random number generator, and (b) it
+closes a kleptographic channel, over which a compromised implementation
+could leak secret information to a third party.
 .SS "Using SLIP interfaces"
 Though not for the faint of heart, it is possible to get
 .B tripe