153 lines
4.3 KiB
Groff
153 lines
4.3 KiB
Groff
.TH TINCD 8 "Jan 2001" "tinc version 1.0pre4" "FSF"
|
|
.SH NAME
|
|
tincd \- tinc VPN daemon
|
|
.SH SYNOPSIS
|
|
.B tincd
|
|
[\fIoption\fR]...
|
|
.SH DESCRIPTION
|
|
.PP
|
|
|
|
This is the daemon of tinc, a secure virtual private
|
|
network (VPN) project. When started, tincd will read
|
|
it's configuration file to determine what virtual subnets
|
|
it has to serve and to what other tinc daemons it should connect.
|
|
It will connect to the ethertap or tun/tap device and set up a socket
|
|
for incoming connections.
|
|
Optionally a script will be executed to further configure the tap device.
|
|
If that succeeds, it will detach from the controlling terminal and
|
|
continue in the background, accepting and setting up connections to other
|
|
tinc daemons that are part of the virtual private network.
|
|
|
|
.SH OPTIONS
|
|
.TP
|
|
\fB\-c\fR, \fB\-\-config\fR=\fIDIR\fR
|
|
Read configuration options from DIR.
|
|
.TP
|
|
\fB\-D\fR, \fB\-\-no\-detach\fR
|
|
Don't fork and detach. This will also disable the automatic
|
|
restart mechanism for fatal errors.
|
|
.TP
|
|
\fB\-d\fR
|
|
Increase debug level (see below).
|
|
.TP
|
|
\fB\-k\fR, \fB\-\-kill\fR
|
|
Attempt to kill a running tincd and exit.
|
|
.TP
|
|
\fB\-n\fR, \fB\-\-net\fR=\fInetname\fR
|
|
Connect to net `netname'.
|
|
.TP
|
|
\fB\-K\fR, \fB\-\-generate-keys\fR[=\fIBITS]\fR
|
|
Generate public/private RSA keypair and exit. If BITS is omitted,
|
|
the default length will be 1024 bits.
|
|
.TP
|
|
\fB\-\-help\fR
|
|
Display short list of options.
|
|
.TP
|
|
\fB\-\-version\fR
|
|
Output version information and exit.
|
|
.PP
|
|
.SH "SIGNALS"
|
|
.TP
|
|
\fBHUP\fR
|
|
Closes all connections, rereads the configuration file and restarts the daemon.
|
|
.TP
|
|
\fBINT\fR
|
|
Closes all connections and quits.
|
|
.TP
|
|
\fBUSR1\fR
|
|
Dumps the connection list to syslog.
|
|
.TP
|
|
\fBUSR2\fR
|
|
Dumps the subnet list to syslog.
|
|
.TP
|
|
\fBALRM\fR
|
|
Forces tincd to try to connect to an uplink immediately. Usually tincd attempts
|
|
to do this itself, but increases the time it waits between the attempts each time
|
|
it failed, and if tincd didn't succeed to connect to an uplink the first time after
|
|
it started, it defaults to the maximum time of 15 minutes.
|
|
.PP
|
|
.SH "DEBUG LEVELS"
|
|
The tinc daemon can send a lot of messages to the syslog. The more \fB\-d\fR options are
|
|
given to tincd, the more messages it will log. Each level inherits all messages of the
|
|
previous level:
|
|
.TP
|
|
\fIno debug options\fR
|
|
This will log a message indicating tincd has started along with a version number.
|
|
It will also any serious error.
|
|
.TP
|
|
\fB\-d\fR
|
|
This will log all connections that are made with other tinc daemons.
|
|
.TP
|
|
\fB\-dd\fR
|
|
This will log status and error messages from other tinc daemons.
|
|
.TP
|
|
\fB\-ddd\fR
|
|
This will log all requests that are exchanged with other tinc daemons. These include
|
|
authentication, key exchange and connection list updates.
|
|
.TP
|
|
\fB\-dddd\fR
|
|
This will log a copy of everything received on the meta socket.
|
|
.TP
|
|
\fB\-ddddd\fR
|
|
This will log all network traffic over the virtual private network.
|
|
.PP
|
|
.SH "FILES"
|
|
.TP
|
|
\fI/etc/tinc/\fBnetname\fI/tinc.conf\fR
|
|
The configuration file for tincd.
|
|
.TP
|
|
\fI/etc/tinc/\fBnetname\fI/tinc-up\fR
|
|
Script which is executed as soon as a tap device has been allocated.
|
|
Purpose is to further configure that device.
|
|
.TP
|
|
\fI/etc/tinc/\fBnetname\fI/tinc-down\fR
|
|
Script which is executed when tinc quits.
|
|
Purpose is to shut down the tap device.
|
|
.TP
|
|
\fI/etc/tinc/\fBnetname\fI/hosts/*\fR
|
|
The directory containing the host configuration files
|
|
used to authenticate other tinc daemons.
|
|
.TP
|
|
\fI/var/run/tinc.\fBnetname\fI.pid\fR
|
|
The PID of the currently running tincd is stored in this file.
|
|
.PP
|
|
.SH "BUGS"
|
|
The TCPonly and IndirectData options may not work correctly.
|
|
.PP
|
|
\fBThe cryptography in tinc is not well tested yet. Use it at your own risk!\fR
|
|
.PP
|
|
If you find any bugs, report them to tinc@nl.linux.org.
|
|
.PP
|
|
.SH "TODO"
|
|
A lot, especially security auditting.
|
|
.PP
|
|
.SH "SEE ALSO"
|
|
\fBtinc.conf\fR(5)
|
|
.TP
|
|
\fBhttp://tinc.nl.linux.org/\fR
|
|
.TP
|
|
\fBhttp://www.cabal.org/\fR
|
|
.PP
|
|
The full documentation for
|
|
.B tinc
|
|
is maintained as a Texinfo manual. If the
|
|
.B info
|
|
and
|
|
.B tinc
|
|
programs are properly installed at your site, the command
|
|
.IP
|
|
.B info tinc
|
|
.PP
|
|
should give you access to the complete manual.
|
|
.PP
|
|
tinc comes with ABSOLUTELY NO WARRANTY. This is free software,
|
|
and you are welcome to redistribute it under certain conditions;
|
|
see the file COPYING for details.
|
|
.SH "AUTHORS"
|
|
.na
|
|
.nf
|
|
Ivo Timmermans <itimmermans@bigfoot.com>
|
|
Guus Sliepen <guus@sliepen.warande.net>
|
|
|
|
And thanks to many others for their contributions to tinc!
|
|
.PP
|