X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2FHOWTO;fp=doc%2FHOWTO;h=2e0a55f783cf5e55d27dcda5c9bba5da6710a5cf;hp=813ec2e3f9daedbb28e62405728d76b0971fa661;hb=28a140668f892873b01afe104d21db4adb8fd8c7;hpb=79ad21c392e56cad2556e7693b9639d8e2346a59

diff --git a/doc/HOWTO b/doc/HOWTO
index 813ec2e3..2e0a55f7 100644
--- a/doc/HOWTO
+++ b/doc/HOWTO
@@ -110,12 +110,24 @@ The passphrases
 ---------------
 We will have to generate keys for ourselves, and get a key from everybody
 we want to ConnectTo. All of these go into a directory named
-/etc/tinc/passphrases. To generate our own key:
+/etc/tinc/passphrases. PROTECT THIS DIRECTORY!
+
+	mkdir -m 700 /etc/tinc/passphrases
+
+To generate our own key:
 
 	genauth 1024 >/etc/tinc/passphrases/local
 
 You should then proceed to give this key to anyone who wants to ConnectTo
-you.
+you. DO THIS IN A SECURE MANNER! Anyone who has this number can do icky
+things to the umbrella network! Encrypt it using PGP, GPG or another
+program using asymetric keys. Read it over the phone (without anyone
+listening of course). Send it by snailmail. Write the key down and bring
+it to your partners yourself!
+
+If you get any keys from your partners, store them under their network
+number. For example, the key we get from fdiv's network administrator
+will be stored in /etc/tinc/passphrases/192.168.2.0 (note the 0).
 
 --
-$Id: HOWTO,v 1.3 2000/06/30 20:57:30 wsl Exp $
+$Id: HOWTO,v 1.4 2000/06/30 21:09:32 wsl Exp $