TINCCTL(8)                                         BSD System Manager's Manual                                        TINCCTL(8)

NAME
     tincctl — tinc VPN control

SYNOPSIS
     tincctl [-cn] [--config=DIR] [--net=NETNAME] [--pidfile=FILENAME] [--help] [--version] COMMAND

DESCRIPTION
     This is the control program of tinc, a secure virtual private network (VPN) project.  tincctl communicates with tincd(8) to
     alter and inspect the running VPN's state.

OPTIONS
     -n, --net=NETNAME
             Communicate with tincd(8) connected with NETNAME.

     --pidfile=FILENAME
             Use the cookie from FILENAME to authenticate with a running tinc daemon.  If unspecified, the default is
             /var/run/tinc.NETNAME.pid.

     --help  Display short list of options.

     --version
             Output version information and exit.

COMMANDS
     start   Start tincd(8).

     stop    Stop tincd(8).

     restart
             Restart tincd(8).

     reload  Partially rereads configuration files. Connections to hosts whose host config files are removed are closed. New
             outgoing connections specified in tinc.conf(5) will be made.

     pid     Shows the PID of the currently running tincd(8).

     generate-keys [bits]
             Generate both RSA and ECDSA keypairs (see below) and exit.

     generate-ecdsa-keys
             Generate public/private ECDSA keypair and exit.

     generate-rsa-keys [bits]
             Generate public/private RSA keypair and exit.  If bits is omitted, the default length will be 2048 bits.  When sav‐
             ing keys to existing files, tinc will not delete the old keys; you have to remove them manually.

     dump nodes
             Dump a list of all known nodes in the VPN.

     dump edges
             Dump a list of all known connections in the VPN.

     dump subnets
             Dump a list of all known subnets in the VPN.

     dump connections
             Dump a list of all meta connections with ourself.

     dump graph
             Dump a graph of the VPN in dotty(1) format.

     purge   Purges all information remembered about unreachable nodes.

     debug N
             Sets debug level to N.

     retry   Forces tincd(8) to try to connect to all uplinks immediately.  Usually tincd(8) attempts to do this itself, but
             increases the time it waits between the attempts each time it failed, and if tincd(8) didn't succeed to connect to
             an uplink the first time after it started, it defaults to the maximum time of 15 minutes.

     disconnect NODE
             Closes the meta connection with the given NODE.

     top     If tincctl is compiled with libcurses support, this will display live traffic statistics for all the known nodes,
             similar to the UNIX top(1) command.  See below for more information.

     pcap    Dump VPN traffic going through the local tinc node in pcap-savefile(5) format to standard output, from where it can
             be redirected to a file or piped through a program that can parse it directly, such as tcpdump(8).

EXAMPLES
     Examples of some commands:

           tincctl -n vpn dump graph | circo -Txlib
           tincctl -n vpn pcap | tcpdump -r -
           tincctl -n vpn top

TOP
     The top command connects to a running tinc daemon and repeatedly queries its per-node traffic counters.  It displays a list
     of all the known nodes in the left-most column, and the amount of bytes and packets read from and sent to each node in the
     other columns.  By default, the information is updated every second.  The behaviour of the top command can be changed using
     the following keys:

     s           Change the interval between updates.  After pressing the s key, enter the desired interval in seconds, followed
                 by enter.  Fractional seconds are honored.  Intervals lower than 0.1 seconds are not allowed.

     c           Toggle between displaying current traffic rates (in packets and bytes per second) and cummulative traffic
                 (total packets and bytes since the tinc daemon started).

     n           Sort the list of nodes by name.

     i           Sort the list of nodes by incoming amount of bytes.

     I           Sort the list of nodes by incoming amount of packets.

     o           Sort the list of nodes by outgoing amount of bytes.

     O           Sort the list of nodes by outgoing amount of packets.

     t           Sort the list of nodes by sum of incoming and outgoing amount of bytes.

     T           Sort the list of nodes by sum of incoming and outgoing amount of packets.

     b           Show amount of traffic in bytes.

     k           Show amount of traffic in kilobytes.

     M           Show amount of traffic in megabytes.

     G           Show amount of traffic in gigabytes.

     q           Quit.

BUGS
     If you find any bugs, report them to tinc@tinc-vpn.org.
     tincd(8), tinc.conf(5), dotty(1), pcap-savefile(7), tcpdump(8), top(1), http://www.tinc-vpn.org/, http://www.cabal.org/.

     The full documentation for tinc is maintained as a Texinfo manual.  If the info and tinc programs are properly installed at
     your site, the command info tinc should give you access to the complete manual.

     tinc comes with ABSOLUTELY NO WARRANTY.  This is free software, and you are welcome to redistribute it under certain condi‐
     tions; see the file COPYING for details.

AUTHORS
     Ivo Timmermans
     Guus Sliepen ⟨guus@tinc-vpn.org⟩

     And thanks to many others for their contributions to tinc!

                                                          July 17, 2011