X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/494a7ac04de2a38bf6aade234602f831be314c55..f1d5c89163540b40b808527bafa861ca3e5fd371:/server/tripe-admin.5.in diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in index a7aee7cf..de3bfcb1 100644 --- a/server/tripe-admin.5.in +++ b/server/tripe-admin.5.in @@ -27,7 +27,7 @@ .so ../common/defs.man \" @@@PRE@@@ . .\"-------------------------------------------------------------------------- -.TH tripe-admin 5 "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" +.TH tripe-admin 5tripe "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" . .\"-------------------------------------------------------------------------- .SH "NAME" @@ -423,6 +423,12 @@ The mask-generating function in use, e.g., .B hashsz The size of the hash function's output, in octets. .TP +.B bulk-transform +The name of the bulk-crypto transform. +.TP +.B bulk-overhead +The amount of overhead, in bytes, caused by the crypto transform. +.TP .B cipher The name of the bulk data cipher in use, e.g., .BR blowfish-cbc . @@ -449,6 +455,16 @@ octets. .TP .B mac-tagsz The length of the message authentication tag, in octets. +.TP +.B blkc +The block cipher in use, e.g., +.BR blowfish . +.TP +.B blkc-keysz +The length of key used by the block cipher, in octets. +.TP +.B blkc-blksz +The block size of the block cipher. .PP The various sizes are useful, for example, when computing the MTU for a tunnel interface. If @@ -456,13 +472,12 @@ tunnel interface. If is the MTU of the path to the peer, then the tunnel MTU should be .IP .I MTU -\- 33 \- -.I cipher-blksz -\- -.I mac-tagsz +\- 29 \- +.I bulk-overhead .PP allowing 20 bytes of IP header, 8 bytes of UDP header, a packet type -octet, a four-octet sequence number, an IV, and a MAC tag. +octet, and the bulk-crypto transform overhead (which includes the +sequence number). .RE .SP .BI "BGCANCEL " tag @@ -478,7 +493,7 @@ or in a greeting message. .SP .B "DAEMON" Causes the server to disassociate itself from its terminal and become a -background task. This only works once. A warning is issued. +background task. This only works once. A notification is issued. .SP .BI "EPING \fR[" options "\fR] " peer Sends an encrypted ping to the peer, and expects an encrypted response. @@ -1238,6 +1253,9 @@ and the second token is the filename of the keyring. Frequently a key tag may be given next, preceded by the token .BR key . .SP +.BI "KEYMGMT private-keyring " file " key " tag " incorrect-public-key" +The private key doesn't record the correct corresponding public key. +.SP .BI "KEYMGMT public-keyring " file " key " tag " algorithm-mismatch" A peer's public key doesn't request the same algorithms as our private key. @@ -1261,6 +1279,12 @@ exchange. .BI "KEYMGMT " which "-keyring " file " io-error " ecode " " message A system error occurred while opening or reading the keyring file. .SP +.BI "KEYMGMT " which "-keyring " file " key " tag " unknown-bulk-transform " bulk +The key specifies the use of an unknown bulk-crypto transform +.IR bulk . +Maybe the key was generated wrongly, or maybe the version of Catacomb +installed is too old. +.SP .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher The key specifies the use of an unknown symmetric encryption algorithm .IR cipher .