X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/5a9dea88b9a56c883a0f3da76efda8329db46abb..18969e42a11e11ef8a3ea81eaf0038e8e74e004d:/server/tripe-admin.5.in

diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in
index 66537ad3..3e7bd8ef 100644
--- a/server/tripe-admin.5.in
+++ b/server/tripe-admin.5.in
@@ -571,10 +571,24 @@ responses are the same as for the
 .B PING
 command.
 .SP
-.BI "FORCEKX " peer
+.BI "FORCEKX \fR[" options "\fR] " peer
 Requests the server to begin a new key exchange with
 .I peer
-immediately.
+immediately.  The following options are recognized.
+.RS
+.\"+opts
+.TP
+.B "\-quiet"
+Don't actually start a new key exchange; just quietly mark any previous
+key exchange as stale so that a fresh attempt from the peer will
+succeed.  This is was introduced for use during testing, but it's also
+useful when a remote peer has forgotten about us: it would be
+annoying if, once it's learns about us and tries to reinitiate a key
+exchange, we ignore it because we think we've already done one recently;
+on the other hand, forcing a key exchange before the remote peer has
+been reinformed about us is a waste of packets.
+.\"-opts
+.RE
 .SP
 .B "GETCHAL"
 Requests a challenge.  The challenge is returned in an
@@ -614,9 +628,24 @@ line giving the tag for each outstanding background job.
 .BI "KILL " peer
 Causes the server to forget all about
 .IR peer .
-All keys are destroyed, and no more packets are sent.  No notification
-is sent to the peer: if it's important that the peer be notified, you
-must think of a way to do that yourself.
+All keys are destroyed, and no more packets are sent.  A
+.B bye
+message is sent to the peer if it's marked as
+.B "\-ephemeral"
+\(en see the
+.B "ADD"
+command.  The following options are
+recognized.
+.RS
+.\"+opts
+.TP
+.B "\-quiet"
+Suppress any
+.B bye
+message to an ephemeral peer: just quietly forget about it.  This is
+used during testing, and is not expected to be generally useful.
+.\"-opts
+.RE
 .SP
 .B "LIST"
 For each currently-known peer, an
@@ -1512,8 +1541,9 @@ implementation of HMAC for the selected hash function
 .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-bulk-transform " bulk
 The key specifies the use of an unknown bulk-crypto transform
 .IR bulk .
-Maybe the key was generated wrongly, or maybe the version of Catacomb
-installed is too old.
+Maybe the key was generated wrongly, or maybe the version of
+.BR tripe (8)
+is too old.
 .SP
 .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher
 The key specifies the use of an unknown symmetric encryption algorithm
@@ -1550,7 +1580,9 @@ version of Catacomb installed is too old.
 The key specifies the use of an unknown serialization format
 .I ser
 for hashing group elements.  Maybe the key was generated wrongly, or
-maybe the version of Catacomb installed is too old.
+maybe the version of
+.BR tripe (8)
+is too old.
 .SP
 .BI "KEYMGMT " which "-keyring " file " key " tag " unsuitable-aead-cipher " cipher "no-aad"
 The key specifies the use of an authenticated encryption scheme