pkcipe(8)
NAME
pkcipe - PK implementation for CIPE
SYNOPSIS
pkcipe [OPTIONS] NAME
DESCRIPTION
pkcipe is a helper tool to set up VPNs using CIPE.
- Each machine in the VPN has an identity (such as its host
- name) and a public/private RSA key pair. The private key is
- stored in /etc/cipe/identity.priv. For every allowed CIPE connec
- tion, the public key of the other part is stored, along with con
- figuration parameters, in /etc/cipe/pk/NAME (where NAME is the
- identity of the other part). Thus storing a public key gives per
- mission to connect, similar to the SSH package (it is important
- to know how this works to not open holes).
- For a quick overview on how to set up pkcipe on a Debian
- system, please refer to /usr/share/doc/pkcipe/README.Debian.gz.
- There is also more information on how to invoke pkcipe in
- /usr/share/doc/pkcipe/README.gz.
OPTIONS
A summary of the pkcipe options is included below.
-i To be invoked from inetd. Incompatible with -c.
- -c host:port
- To connect to host:port. Incompatible with -i.
- -k keyfile
- Gives location of private key file.
- -r ipaddr
- Routing IP address. Only for unusual cases, s.b.
- -D flags
- Debugging flags.
- -E Use stderr instead of syslog. (Debugging only, in
- compatible with -i.)
- -p proto
- Fall back to given protocol level.
- -t secs
- Set timeout.
SEE ALSO
AUTHOR
- This manual page was written by Sam Hocevar <sam@zoy.org>
- for the Debian system (but may be used by others).
Mar 28, 2003