Obtain public key

Sven-Haegar Koch haegar at sdinet.de
Wed Jan 14 21:40:19 CET 2015


On Wed, 14 Jan 2015, Guus Sliepen wrote:

> On Wed, Jan 14, 2015 at 02:17:31PM +0000, Martin wrote:
> 
> > Fantastic, having it in the CLI would be great. It is for the reason of users
> > losing the pub key that I ask, writing some docs for an internal network.
> > Ah interesting, I finally found openssl does not have the 25519 curve in
> > there (and no plans to do so, looks like) but I was not aware there was a
> > non-standard priv key format either.
> > 
> > Would it make sense for the
> > 
> > tinc -n <netname> get Ed25519PublicKey
> > 
> > To have some logic to derive the pub key if it's not already in the
> > hosts file? Just to avoid adding another command to the tinc CLI.
> 
> Adding another command is easy. Actually, I'm thinking of adding a
> "fsck" or "check" command that checks whether everything is in order,
> like configuration file permissions (executable bit on tinc-up for
> example), misspelled variable names in the config files, and possibly
> repairs what it can. And of course then also recreate the public keys if
> necessary.

Hello Guus,

I would like to have special commands to extract the public keys for 
both RSA and ed25519 also for ChaosVPN.

As we dynamically recreate all the hosts files we currently have to make 
sure that the public keys are in /etc/tinc/chaos/rsa_key.pub and 
/etc/tinc/chaos/ed25519_key.pub - which they are when you create the 
keys before you have any hosts files. But if you do it later they get 
put into hosts/something and get overwritten on the next recreate...

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.
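
A workaround for the overwrite described in the message above, as an added example that is not part of the original thread or of tinc: copy the public keys out of `hosts/<node>` into `rsa_key.pub` and `ed25519_key.pub` before the hosts directory is regenerated. It assumes the hosts file carries an `Ed25519PublicKey = <base64>` line and a PEM `RSA PUBLIC KEY` block; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: save the public keys embedded in a tinc hosts file
# before the hosts directory is regenerated.
# Assumed layout (not stated in the thread): an "Ed25519PublicKey = <base64>"
# line and a PEM "RSA PUBLIC KEY" block inside hosts/<node>.

# extract_ed25519 FILE: print the first Ed25519PublicKey line, if any.
extract_ed25519() {
    grep -i '^[[:space:]]*Ed25519PublicKey[[:space:]]*=' "$1" | head -n 1
}

# extract_rsa FILE: print the PEM RSA public key block, if any.
extract_rsa() {
    sed -n '/^-----BEGIN RSA PUBLIC KEY-----$/,/^-----END RSA PUBLIC KEY-----$/p' "$1"
}

# save_pubkeys CONFDIR NODE: copy keys from CONFDIR/hosts/NODE into
# CONFDIR/ed25519_key.pub and CONFDIR/rsa_key.pub. Existing .pub files
# are never overwritten. Returns 1 if the hosts file is unreadable or
# contains no public key at all.
save_pubkeys() {
    confdir=$1
    host="$1/hosts/$2"
    found=1
    [ -r "$host" ] || return 1
    for kind in ed25519 rsa; do
        out="$confdir/${kind}_key.pub"
        key=$("extract_$kind" "$host") || true
        [ -n "$key" ] || continue
        found=0
        # Only private-key holders can regenerate these, so do not clobber.
        [ -e "$out" ] || printf '%s\n' "$key" > "$out"
    done
    return $found
}

# usage: sh save-pubkeys.sh /etc/tinc/chaos <nodename>
if [ "$#" -eq 2 ]; then
    save_pubkeys "$1" "$2"
fi
```

Run it before each recreate of the hosts files; a non-zero exit means no public key could be recovered from the hosts file.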

