X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/3cbd2d89482ab48adea16aef781b191b793d9a26..HEAD:/keys/tripe-keys.8.in diff --git a/keys/tripe-keys.8.in b/keys/tripe-keys.8.in index ce3c1ec1..bedea9cb 100644 --- a/keys/tripe-keys.8.in +++ b/keys/tripe-keys.8.in @@ -9,25 +9,24 @@ .\" .\" This file is part of Trivial IP Encryption (TrIPE). .\" -.\" TrIPE is free software; you can redistribute it and/or modify -.\" it under the terms of the GNU General Public License as published by -.\" the Free Software Foundation; either version 2 of the License, or -.\" (at your option) any later version. +.\" TrIPE is free software: you can redistribute it and/or modify it under +.\" the terms of the GNU General Public License as published by the Free +.\" Software Foundation; either version 3 of the License, or (at your +.\" option) any later version. .\" -.\" TrIPE is distributed in the hope that it will be useful, -.\" but WITHOUT ANY WARRANTY; without even the implied warranty of -.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -.\" GNU General Public License for more details. +.\" TrIPE is distributed in the hope that it will be useful, but WITHOUT +.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +.\" for more details. .\" .\" You should have received a copy of the GNU General Public License -.\" along with TrIPE; if not, write to the Free Software Foundation, -.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +.\" along with TrIPE. If not, see . . .\"-------------------------------------------------------------------------- -.so ../defs.man.in \" @@@PRE@@@ +.so ../common/defs.man \" @@@PRE@@@ . .\"-------------------------------------------------------------------------- -.TH tripe-keys 8 "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" +.TH tripe-keys 8tripe "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" . .\"-------------------------------------------------------------------------- .SH "NAME" @@ -56,6 +55,8 @@ tripe-keys \- simple centralized key management for tripe .br .B "clean" .br +.B "check" +.br .BR "mtu " [ \fIpath-mtu ] . .\"-------------------------------------------------------------------------- @@ -166,8 +167,12 @@ file. Copy the results to the places named by .IR sig-file , and .I conf-file -respectively. (This command is currently misnamed. It only copies -stuff about the local filesystem. Some day it'll really upload stuff.) +respectively. Remove unexpected files from the +.IR base-dir , +since these tend to be signatures made by old master keys which don't +work any more. Run the +.I upload-hook +to copy things into the right places. .TP .BI "generate " tag Generate a peer key for the peer named @@ -218,13 +223,23 @@ and their associated .B .old files. .TP +.B check +Checks the various keyrings. Currently, it checks the +.B master +and +.B keyring.pub +files, and prints a report warning of keys which will expire soon. It +is expected that this command be run against the master repository by +.BR cron (8). +Additional checking may added in the future. +.TP .BR "mtu " [ \fIpath-mtu ] Write, as a decimal number on standard output, the recommended MTU for a TrIPE tunnel interface, given that the .I path-mtu between two peers is as specified. The default is 1500, which is very commonly correct, but you should check using a tool such as -.BR tracepath (8). +.BR pathmtu (1). Getting the MTU too big will lead to unnecessary fragmentation of TrIPE's UDP datagrams; getting it too small will fail to utilize the underlying network effectively. If in doubt, it's therefore better to