X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.8.in;h=6644adde836b865b2511f204d1b60565e98f0dde;hp=74f182a98c959a67b3adefb263337986e4c8a6a6;hb=c2dc3784f127ef6db6e9960a4abecc1aab6f4e31;hpb=44c7f554c7a6eb411428cfd30ca2cb21a613830e diff --git a/doc/tinc.8.in b/doc/tinc.8.in index 74f182a9..6644adde 100644 --- a/doc/tinc.8.in +++ b/doc/tinc.8.in @@ -11,6 +11,7 @@ .Op Fl -config Ns = Ns Ar DIR .Op Fl -net Ns = Ns Ar NETNAME .Op Fl -pidfile Ns = Ns Ar FILENAME +.Op Fl -force .Op Fl -help .Op Fl -version .Op Ar COMMAND @@ -54,6 +55,8 @@ Use the cookie from to authenticate with a running tinc daemon. If unspecified, the default is .Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid. +.It Fl -force +Force some commands to work despite warnings. .It Fl -help Display short list of options. .It Fl -version @@ -69,7 +72,7 @@ option, the value of this environment variable is used. .Sh COMMANDS .Bl -tag -width indent .It init Op Ar name -Create initial configuration files and RSA and ECDSA keypairs with default length. +Create initial configuration files and RSA and Ed25519 keypairs with default length. If no .Ar name for this node is given, it will be asked for. @@ -88,6 +91,7 @@ To set a variable for a specific host, use the notation .Ar host Ns Li . Ns Ar variable . .It add Ar variable Ar value As above, but without removing any previously existing configuration variables. +If the variable already exists with the given value, nothing happens. .It del Ar variable Op Ar value Remove configuration variables with the same name and .Ar value . @@ -101,16 +105,16 @@ You do not need to specify the full path to the file. Export the host configuration file of the local node to standard output. .It export-all Export all host configuration files to standard output. -.It import Op Fl -force +.It import Import host configuration data generated by the .Nm export command from standard input. Already existing host configuration files are not overwritten unless the option .Fl -force is used. -.It exchange Op Fl -force +.It exchange The same as export followed by import. -.It exchange-all Op Fl -force +.It exchange-all The same as export-all followed by import. .It invite Ar name Prepares an invitation for a new node with the given @@ -142,9 +146,9 @@ will be made. Shows the PID of the currently running .Xr tincd 8 . .It generate-keys Op bits -Generate both RSA and ECDSA keypairs (see below) and exit. -.It generate-ecdsa-keys -Generate public/private ECDSA keypair and exit. +Generate both RSA and Ed25519 keypairs (see below) and exit. +.It generate-ed25519-keys +Generate public/private Ed25519 keypair and exit. .It generate-rsa-keys Op bits Generate public/private RSA keypair and exit. If @@ -168,6 +172,9 @@ format. Nodes are colored according to their reachability: red nodes are unreachable, orange nodes are indirectly reachable, green nodes are directly reachable. Black nodes are either directly or indirectly reachable, but direct reachability has not been tried yet. +.It dump invitations +Dump a list of outstanding invitations. +The filename of the invitation, as well as the name of the node that is being invited is shown for each invitation. .It info Ar node | subnet | address Show information about a particular node, subnet or address. If an address is given, any matching subnet will be shown. @@ -215,6 +222,38 @@ If .Ar netname is given, switch to that network. Otherwise, display a list of all networks for which configuration files exist. +.It fsck +This will check the configuration files for possible problems, +such as unsafe file permissions, missing executable bit on script, +unknown and obsolete configuration variables, wrong public and/or private keys, and so on. +.Pp +When problems are found, this will be printed on a line with WARNING or ERROR in front of it. +Most problems must be corrected by the user itself, however in some cases (like file permissions and missing public keys), +tinc will ask if it should fix the problem. +.It sign Op Ar filename +Sign a file with the local node's private key. +If no +.Ar filename +is given, the file is read from standard input. +The signed file is written to standard output. +.It verify Ar name Op Ar filename +Check the signature of a file against a node's public key. +The +.Ar name +of the node must be given, +or can be +.Li . +to check against the local node's public key, or +.Li * +to allow a signature from any node whose public key is known. +If no +.Ar filename +is given, the file is read from standard input. +If the verification is succesful, +a copy of the input with the signature removed is written to standard output, +and the exit code will be zero. +If the verification failed, +nothing will be written to standard output, and the exit code will be non-zero. .El .Sh EXAMPLES Examples of some commands: