How does tinc server handle the case one client's key file is removed after connection
Guus Sliepen
guus at tinc-vpn.org
Mon Jul 25 18:28:23 CEST 2016
On Mon, Jul 25, 2016 at 12:16:36PM -0400, Heng Wang wrote:
> Say when tinc is running all good, the "server" contains all the key files
> of clients.
> If we remove the key file for client A during run, how long before does
> server find out the key
> file is gone? I see a "KeyExpire" option in the conf file, is this the time?
KeyExpire is the time used for session keys, it doesn't apply to public
keys loaded from config files.
Normally tinc should reread the host config file each time a connection
is made. But existing connections will normally be kept alive. To force
tinc to disconnect peers when their host config file is removed, send
the server tincd the HUP signal:
tincd -n <netname> -kHUP
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160725/5523ab5f/attachment.sig>
More information about the tinc
mailing list