X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=doc%2Ftinc.texi;h=69e5a2b289e4b2db2d15a74f0d04600c9af87cf3;hb=8efc8dc961865ceddb74cb36f0b4a2ebde39cc55;hp=c5956d9af50aaeea35ef76d186d41872aeab787e;hpb=e8deda0b23463599a7533e82cf038a01062956a7;p=tinc diff --git a/doc/tinc.texi b/doc/tinc.texi index c5956d9a..69e5a2b2 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -37,7 +37,6 @@ permission notice identical to this one. @page @vskip 0pt plus 1filll -@cindex copyright This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. Copyright @copyright{} 1998-2011 Ivo Timmermans, @@ -55,7 +54,7 @@ permission notice identical to this one. @end titlepage -@ifinfo +@ifnottex @c ================================================================== @node Top @top Top @@ -72,7 +71,7 @@ permission notice identical to this one. * About us:: * Concept Index:: All used terms explained @end menu -@end ifinfo +@end ifnottex @c ================================================================== @node Introduction @@ -856,6 +855,21 @@ but which would have to be forwarded by an intermediate node, are dropped instea When combined with the IndirectData option, packets for nodes for which we do not have a meta connection with are also dropped. +@cindex ECDSAPrivateKeyFile +@item ECDSAPrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/ecdsa_key.priv}) +The file in which the private ECDSA key of this tinc daemon resides. +This is only used if ExperimentalProtocol is enabled. + +@cindex ExperimentalProtocol +@item ExperimentalProtocol = (no) [experimental] +When this option is enabled, experimental protocol enhancements will be used. +Ephemeral ECDH will be used for key exchanges, +and ECDSA will be used instead of RSA for authentication. +When enabled, an ECDSA key must have been generated before with +@samp{tincctl generate-ecdsa-keys}. +The experimental protocol may change at any time, +and there is no guarantee that tinc will run stable when it is used. + @cindex Forwarding @item Forwarding = (internal) [experimental] This option selects the way indirect packets are forwarded. @@ -1581,10 +1595,10 @@ This will let tinc read all configuration files from Specifying . for @var{netname} is the same as not specifying any @var{netname}. @xref{Multiple networks}. -@item --controlcookie=@var{filename} +@item --pidfile=@var{filename} Store a cookie in @var{filename} which allows tincctl to authenticate. If unspecified, the default is -@file{@value{localstatedir}/run/tinc.@var{netname}.cookie}. +@file{@value{localstatedir}/run/tinc.@var{netname}.pid}. @item -L, --mlock Lock tinc into main memory. @@ -1633,6 +1647,13 @@ You can also send the following signals to a running tincd process: @c from the manpage @table @samp +@item ALRM +Forces tinc to try to connect to all uplinks immediately. +Usually tinc attempts to do this itself, +but increases the time it waits between the attempts each time it failed, +and if tinc didn't succeed to connect to an uplink the first time after it started, +it defaults to the maximum time of 15 minutes. + @item HUP Partially rereads configuration files. Connections to hosts whose host config file are removed are closed. @@ -1866,10 +1887,10 @@ Read configuration options from the directory @var{path}. The default is @item -n, --net=@var{netname} Use configuration for net @var{netname}. @xref{Multiple networks}. -@item --controlcookie=@var{filename} +@item --pidfile=@var{filename} Use the cookie from @var{filename} to authenticate with a running tinc daemon. If unspecified, the default is -@file{@value{localstatedir}/run/tinc.@var{netname}.cookie}. +@file{@value{localstatedir}/run/tinc.@var{netname}.pid}. @item --help Display a short reminder of runtime options and commands, then terminate. @@ -2020,7 +2041,7 @@ Show amount of traffic in megabytes. @item G Show amount of traffic in gigabytes. -@item q, ESC +@item q Quit. @end table