Using keyring on tinc

Guus Sliepen guus at tinc-vpn.org
Fri Jan 5 19:56:16 CET 2018


On Fri, Jan 05, 2018 at 02:34:00PM -0300, Inaki Malerba wrote:

> Public keys I mean.
> 
> I'd like to manage an easier way to distribute public keys when a new
> user is added to the network.
> 
> I'm thinking of mounting hosts/ over ssh on the servers and have it
> centralized.
> Also, distributing server config (host file, ConnectTo, etc) to the
> clients via debian package or git maybe.
> 
> Has anyone done something different with this?

For tinc 1.0, have a look at the ChaosVPN tools. These take care of
distributing configuration files to any number of clients, securely,
from a central repository:

https://github.com/ryd/chaosvpn

If you can live with just distributing the hosts/ directory, then pretty
much anything will work, including Debian packages or git.

For tinc 1.1, things are a bit different: you can use the invitation
system to add new nodes to a VPN and automatically have them exchange
information on how to connect. It's not perfect yet, but the idea is
that this will automatically keep all hosts in sync. See:

https://tinc-vpn.org/documentation-1.1/Invitations.html

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180105/c30474e5/attachment.sig>


More information about the tinc mailing list