X-Git-Url: https://git.distorted.org.uk/~mdw/userv-utils/blobdiff_plain/0fe65164e3f6f9ae58e4912dcc19f7e0ab3c41a6..45fa312ed19a30259ba0ec3fb04d769c1f8f0263:/ipif/INSTALL?ds=sidebyside

diff --git a/ipif/INSTALL b/ipif/INSTALL
index 87f41cd..c2aabee 100644
--- a/ipif/INSTALL
+++ b/ipif/INSTALL
@@ -1,20 +1,35 @@
-NB that this is a very bare set of installation instructions !  It
-describes a `default' configuration; you can do more esoteric things
-if you wish.
+This directory contains:
+
+* A userv service (`ipif') for allowing users to create network
+interfaces and handle the traffic for them.  For instructions, see the
+comment at the top of service.c.
+
+* A VPN tunnelling system based on that userv service, which does
+encryption and can be used to join two networks.  It uses its own
+nonstandard protocols, not IPSEC.  Key setup is done via an ssh
+connection.  For installation instructions, read this file.
+
+These tools have only been tested on GNU/Linux, and the ipif service
+in particular uses the Linux-specific `slattach' utility.
+
+NB that this is a very bare set of installation instructions for the
+VPN system !  It describes a fairly `default' configuration; you can
+do more esoteric things if you wish.
 
 
 In any case, on each tunnel endpoint system (not the eventual
 end-system, but the point where the packets are `detunnelled'):
 
-* Install userv, 0.95.0 or later.  This should be in Debian.
-* Get userv-utils 0.1.9 from the location above, unpack it, cd to the
-  `ipif' subdirectory, and say `make' then `really make install'.
+* Install userv, 1.0.1 or later.  This should be in Debian.  Get this
+* package, userv-utils from the location above, unpack it, cd to the
+  `ipif' subdirectory, and say `make' then as root `make install'.
 
 
-The tunnel is always set up by one of its endpoints, using ssh.  So
-the active endpoint must have ssh installed; the passive endpoint must
-have sshd accessible to the active endpoint, and be willing to allow
-the active endpoint to run the appropriate command.
+The tunnel is always set up by one of its endpoints, using ssh (we
+recommend you use OpenSSH).  So the active endpoint must have ssh
+installed; the passive endpoint must have sshd accessible to the
+active endpoint, and be willing to allow the active endpoint to run
+the appropriate command.
 
 So: create an account for the active endpoint on the passive.  You
 probably want to use RSAAuthentication, so configure the relevant key
@@ -186,8 +201,10 @@ Look at the error messages, they will hopefully be informative.
 If you see a message from `slattach' about being unable to open /dev/2
 or some such, then you need to upgrade your `slattach'.  In Debian
 GNU/Linux it's in the `netbase' package, and the fix is in 3.16-3 and
-later.  The relevant Debian bug reports are #45515 and #45944, and Ian
-Jackson can supply the patch to slattach or a working binary.
+later; however the bug has regressed, and is known to be in 3.18-4 and
+earlier.  The relevant Debian bug reports are #45515 (now closed) and
+#45944.  A patch to correct 3.18-4 is in this directory as
+`slattach.diff'.
 
 
-$Id: INSTALL,v 1.1 2000/06/21 22:48:29 ian Exp $
+$Id: INSTALL,v 1.3 2000/08/13 20:23:23 ian Exp $