-.Dd 2009-05-18
+.Dd 2014-05-11
.Dt TINCD 8
.\" Manual page created by:
.\" Ivo Timmermans
.Nd tinc VPN daemon
.Sh SYNOPSIS
.Nm
-.Op Fl cdDkKnLRU
+.Op Fl cdDkKnoLRU
.Op Fl -config Ns = Ns Ar DIR
.Op Fl -no-detach
.Op Fl -debug Ns Op = Ns Ar LEVEL
.Op Fl -kill Ns Op = Ns Ar SIGNAL
.Op Fl -net Ns = Ns Ar NETNAME
.Op Fl -generate-keys Ns Op = Ns Ar BITS
+.Op Fl -option Ns = Ns Ar [HOST.]KEY=VALUE
.Op Fl -mlock
.Op Fl -logfile Ns Op = Ns Ar FILE
.Op Fl -pidfile Ns = Ns Ar FILE
.It Fl n, -net Ns = Ns Ar NETNAME
Connect to net
.Ar NETNAME .
+This will let tinc read all configuration files from
+.Pa @sysconfdir@/tinc/ Ar NETNAME .
+Specifying
+.Li .
+for
+.Ar NETNAME
+is the same as not specifying any
+.Ar NETNAME .
.It Fl K, -generate-keys Ns Op = Ns Ar BITS
Generate public/private RSA keypair and exit.
If
.Ar BITS
-is omitted, the default length will be 1024 bits.
+is omitted, the default length will be 2048 bits.
When saving keys to existing files, tinc will not delete the old keys,
you have to remove them manually.
+.It Fl o, -option Ns = Ns Ar [HOST.]KEY=VALUE
+Without specifying a
+.Ar HOST ,
+this will set server configuration variable
+.Ar KEY
+to
+.Ar VALUE .
+If specified as
+.Ar HOST.KEY=VALUE ,
+this will set the host configuration variable
+.Ar KEY
+of the host named
+.Ar HOST
+to
+.Ar VALUE .
+This option can be used more than once to specify multiple configuration variables.
.It Fl L, -mlock
Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
.It Fl -bypass-security
Disables encryption and authentication of the meta protocol.
Only useful for debugging.
-.It Fl -chroot
+.It Fl R, -chroot
With this option tinc chroots into the directory where network
config is located (@sysconfdir@/tinc/NETNAME if -n option is used,
or to the directory specified with -c option) after initialization.
-.It Fl -user Ns = Ns Ar USER
+.It Fl U, -user Ns = Ns Ar USER
setuid to the specified
.Ar USER
after initialization.
New outgoing connections specified in
.Pa tinc.conf
will be made.
+If the
+.Fl -logfile
+option is used, this will also close and reopen the log file,
+useful when log rotation is used.
.It INT
Temporarily increases debug level to 5.
Send this signal again to revert to the original level.
A lot, especially security auditing.
.Sh SEE ALSO
.Xr tinc.conf 5 ,
-.Pa http://www.tinc-vpn.org/ ,
+.Pa https://www.tinc-vpn.org/ ,
.Pa http://www.cabal.org/ .
.Pp
The full documentation for tinc is maintained as a Texinfo manual.