1 SETTING UP TRIPE FOR DEBIAN GNU/LINUX
3 Firstly, you need to set up public key parameters. To generate
7 # key add -adh-param -LS -b2048 -B256 -eforever \
9 # key extract param param
11 (Feel free to twiddle these settings. Read key(1) for details
12 about the various options.) You can now copy the file `param'
13 to the other hosts which will participate in the VPN. If you
14 already have a `param' file from this procedure, you should
15 copy it into /etc/tripe and run
21 Now, generate a public key. Before you can do this, you'll need
22 to give this host a name. Let's say we've chosen `alice' as the
25 # key add -adh -pparam -talice -e"now + 1 year" tripe-dh
26 # key extract -f-secret alice.pub alice
27 # key -kkeyring.pub merge alice.pub
29 Now copy `alice.pub' to the other hosts, and run the `key merge'
30 command on each of them. Also merge the keys from the other
31 hosts into alice's `keyring.pub' file.
33 Finally, you need to write a script in /etc/tripe/peers for each
34 peer you want to communicate with. The following template works
41 PEER=... # The peer's name
42 PEERADDR=... # Peer's publicly-routable address
43 PEERPORT=4070 # Port peer is listening on
44 LOCAL=... # My address for point-to-point
45 REMOTE=... # His address for point-to-point
46 RNET=... # Remote network address
47 RMASK=... # Netmask of remote network
49 tripectl add $PEER $PEERADDR $PEERPORT
50 ifname=`tripectl ifname $PEER`
51 ifconfig $ifname $LOCAL pointopoint $REMOTE mtu 1429
52 route add -net $RNET netmask $RMASK gw $REMOTE