This repository has been archived by the owner on May 1, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
wiresep.8
102 lines (102 loc) · 2.86 KB
/
wiresep.8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
.\" Copyright (c) 2019, 2020 Tim Kuijsten
.\"
.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 5 2020 $
.Dt WIRESEP 8
.Os
.Sh NAME
.Nm wiresep
.Nd WireGuard daemon
.Sh SYNOPSIS
.Nm
.Op Fl dnVv
.Op Fl f Ar file
.Sh DESCRIPTION
The
.Nm
daemon runs WireGuard on one or more tunnel interfaces.
.Pp
If sent a
.Dv SIGUSR1
signal,
.Nm
logs statistics.
.Pp
The arguments are as follows.
.Bl -tag -width Ds
.It Fl d
Do not daemonize but stay in foreground.
.It Fl f Ar file
Use
.Ar file
as the configuration file instead of the default.
.It Fl n
Config test mode.
No output is shown if there are no errors.
.It Fl V
Print the version of WireSep.
.It Fl v
Be verbose.
Specify once or twice when troubleshooting the network, more is probably only
interesting if you're a developer.
.El
.Ss KEY FILE FORMAT
The format for both private keys and pre-shared keys is the same.
A file should contain only one key which must be encoded in Base64.
Any blank line in the file or lines that start with a
.Sq #
are ignored, as well as any text that follows a key.
The file must be owned by the superuser and may not have any permission bits set
for the group or others.
Note that both private keys and pre-shared keys can be conveniently generated
with
.Xr wiresep-keygen 1 .
.Sh FILES
.Pa /etc/wiresep/wiresep.conf
default configuration file used by
.Nm
.Pp
The following default locations are used for keys if not configured otherwise.
Only the private key for an interface is mandatory, all pre-shared keys are
optional.
.Pp
.Pa /etc/wiresep/tunN.privkey
default location of the private key used for an interface.
.Ar tunN
must correspond to the name of a configured interface.
.Pp
.Pa /etc/wiresep/global.psk
default location of a global pre-shared key
.Pp
.Pa /etc/wiresep/tunN.psk
default location of an interface specific pre-shared key
.Pp
.Pa /etc/wiresep/tunN.peer.psk
default location of a peer specific pre-shared key
.Pp
Note that
.Ar tunN
and
.Ar peer
should be substituted for the actual name of a configured interface and peer.
.Sh EXIT STATUS
The
.Nm
daemon exits 0 after receiving a TERM signal, or >0 if an error occurs.
.Sh SEE ALSO
.Xr wiresep-keygen 1 ,
.Xr wiresep.conf 5
.Sh AUTHORS
.An -nosplit
.An Tim Kuijsten