X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/91ac51aa6d078ba287972988fc9cca6593bfbe8f..add23883a6378567be6b7866bc2ff2c32400a346:/server/tripe-admin.5.in diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in index 6ffa6cd6..edd56779 100644 --- a/server/tripe-admin.5.in +++ b/server/tripe-admin.5.in @@ -27,7 +27,7 @@ .so ../common/defs.man \" @@@PRE@@@ . .\"-------------------------------------------------------------------------- -.TH tripe-admin 5 "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" +.TH tripe-admin 5tripe "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" . .\"-------------------------------------------------------------------------- .SH "NAME" @@ -364,6 +364,19 @@ address and emit an .B NEWADDR notification. .TP +.BI "\-priv " tag +Use the private key +.I tag +to authenticate to the peer. The default is to use the key named in the +.RB ` \-t ' +command-line option, or a key with type +.B tripe +or +.BR tripe-dh : +see +.BR tripe (8) +for the details. +.TP .BI "\-tunnel " tunnel Use the named tunnel driver, rather than the default. .\"-opts @@ -410,6 +423,12 @@ The mask-generating function in use, e.g., .B hashsz The size of the hash function's output, in octets. .TP +.B bulk-transform +The name of the bulk-crypto transform. +.TP +.B bulk-overhead +The amount of overhead, in bytes, caused by the crypto transform. +.TP .B cipher The name of the bulk data cipher in use, e.g., .BR blowfish-cbc . @@ -428,7 +447,7 @@ allow for a seamless changeover of keys.) .TP .B mac The message authentication algorithm in use, e.g., -.BR ripemd160-hmac .. +.BR ripemd160-hmac . .TP .B mac-keysz The length of the key used by the message authentication algorithm, in @@ -436,6 +455,16 @@ octets. .TP .B mac-tagsz The length of the message authentication tag, in octets. +.TP +.B blkc +The block cipher in use, e.g., +.BR blowfish . +.TP +.B blkc-keysz +The length of key used by the block cipher, in octets. +.TP +.B blkc-blksz +The block size of the block cipher. .PP The various sizes are useful, for example, when computing the MTU for a tunnel interface. If @@ -443,13 +472,12 @@ tunnel interface. If is the MTU of the path to the peer, then the tunnel MTU should be .IP .I MTU -\- 33 \- -.I cipher-blksz -\- -.I mac-tagsz +\- 29 \- +.I bulk-overhead .PP allowing 20 bytes of IP header, 8 bytes of UDP header, a packet type -octet, a four-octet sequence number, an IV, and a MAC tag. +octet, and the bulk-crypto transform overhead (which includes the +sequence number). .RE .SP .BI "BGCANCEL " tag @@ -465,7 +493,7 @@ or in a greeting message. .SP .B "DAEMON" Causes the server to disassociate itself from its terminal and become a -background task. This only works once. A warning is issued. +background task. This only works once. A notification is issued. .SP .BI "EPING \fR[" options "\fR] " peer Sends an encrypted ping to the peer, and expects an encrypted response. @@ -557,7 +585,12 @@ may change during the life of the association. .B private-key The private key tag being used for the peer, as passed to the .B ADD -command. +command, or the +.RB ` \-t ' +command-line option. If neither of these was given explicitly, the +private key tag is shown as +.RB ` (default) ', +since there is no fixed tag used under these circumstances. .TP .B current-private-key The full key tag of the private key currently being used for this @@ -1243,6 +1276,12 @@ exchange. .BI "KEYMGMT " which "-keyring " file " io-error " ecode " " message A system error occurred while opening or reading the keyring file. .SP +.BI "KEYMGMT " which "-keyring " file " key " tag " unknown-bulk-transform " bulk +The key specifies the use of an unknown bulk-crypto transform +.IR bulk . +Maybe the key was generated wrongly, or maybe the version of Catacomb +installed is too old. +.SP .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher The key specifies the use of an unknown symmetric encryption algorithm .IR cipher .