Some tinc clatifications
Matthew Nichols
matt.nichols at westtel.com
Mon Jul 10 18:32:05 CEST 2017
1. That entirely depends on how you have it set up (look at StrictSubnets and TunnelServer). It might also be recommended to have every node re-key itself (http://tinc-vpn.org/security/).
2. No, tinc cannot do this itself.
3. That is not a bad approach.
-----Original Message-----
From: tinc [mailto:tinc-bounces at tinc-vpn.org] On Behalf Of Alessandro Briosi
Sent: Monday, July 10, 2017 1:43 AM
To: tinc at tinc-vpn.org
Subject: Some tinc clatifications
Hi all,
I'm currently happily using tinc in my networks.
I also use OpenVPN based on the customer requirements.
I though have some questions which I could not find a clear answer.
What I'd like to know is:
1. How to revoke a "node", simply removing the host file on the servers
is enough? And one created by invitation?
2. Is there a way to let tinc ask for a username/password (like it's
possible with OpenVPN)?
(I know this might be complicated as one would have to have a
centralized or synced user db, but that's not tinc business anyway).
3. Suppose I have 3 or more tinc "servers", is it suggested that the
"hosts" directory be synced between thoose hosts?
Thank you.
Alessandro
_______________________________________________
tinc mailing list
tinc at tinc-vpn.org
https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
More information about the tinc
mailing list