--- /dev/null
+SETTING UP TRIPE FOR DEBIAN GNU/LINUX
+
+ Firstly, you need to set up public key parameters. To generate
+ a new set, run
+
+ # cd /etc/tripe
+ # key add -adh-param -LS -b2048 -B256 -eforever \
+ -tparam tripe-dh-param
+ # key extract param param
+
+ (Feel free to twiddle these settings. Read key(1) for details
+ about the various options.) You can now copy the file `param'
+ to the other hosts which will participate in the VPN. If you
+ already have a `param' file from this procedure, you should
+ copy it into /etc/tripe and run
+
+ # key merge param
+
+ instead.
+
+ Now, generate a public key. Before you can do this, you'll need
+ to give this host a name. Let's say we've chosen `alice' as the
+ name. Run
+
+ # key add -adh -pparam -talice -e"now + 1 year" tripe-dh
+ # key extract -f-secret alice.pub alice
+ # key -kkeyring.pub merge alice.pub
+
+ Now copy `alice.pub' to the other hosts, and run the `key merge'
+ command on each of them. Also merge the keys from the other
+ hosts into alice's `keyring.pub' file.
+
+ Finally, you need to write a script in /etc/tripe/peers for each
+ peer you want to communicate with. The following template works
+ OK.
+
+ #! /bin/sh
+
+ set -e
+
+ PEER=... # The peer's name
+ PEERADDR=... # Peer's publicly-routable address
+ PEERPORT=22003 # Port peer is listening on
+ LOCAL=... # My address for point-to-point
+ REMOTE=... # His address for point-to-point
+ RNET=... # Remote network address
+ RMASK=... # Netmask of remote network
+
+ tripectl add $PEER $PEERADDR $PEERPORT
+ ifname=`tripectl ifname $PEER`
+ ifconfig $ifname $LOCAL pointopoint $REMOTE mtu 1429
+ route add -net $RNET netmask $RMASK gw $REMOTE
+
~mdw / tripe / blobdiff