keeping someone out / daemon keys
Parke
parke.nexus at gmail.com
Sat Sep 1 04:32:11 CEST 2018
On Fri, Aug 31, 2018 at 6:17 PM, Corey Boyle <coreybrett at gmail.com> wrote:
> Is it possible for daemonA and daemonB to communicate without having
> exchanged public keys?
If only A and B are nodes, then I believe the answer is no.
> If daemonA and daemonB have exchanged keys, and daemonA and daemonC
> have exchanged keys, can daemonA and daemonC communicate with each
> other?
I take it you mean to ask if B and C can communicate.
Yes. Any single trusted node can add any number of additional trusted
nodes to the network. Any single node can introduce a new node, and
all nodes will trust the new node.
There are some experimental settings that might reduce the level of
trust somewhat. I am aware that these experimental features exist,
but I am unfamiliar with the specifics.
> To ask it another way, how do I prevent an unauthorized daemon from
> joining the VPN?
Trust all your nodes. Don't let any single node become compromised.
Cheers,
Parke
More information about the tinc
mailing list