4 This command is used to set and unset private keys for
5 channels, set and unset private keys for private messages
6 with remote clients and to send key agreement requests and
7 negotiate the key agreement protocol with remote client.
8 The key agreement is supported only to negotiate private
9 message keys, it currently cannot be used to negotiate
10 private keys for channels, as it is not convenient for that
15 MSG The command is performed for private messages
16 affecting the <nickname>.
18 CHANNEL The command is performed for the channel indicated
19 by <channel> (* matches current channel).
23 set [<key> [<cipher>] [<hmac>]] [-responder]
25 Set the key into use. If the <key> is provided it is used
26 as the key material. If the <key> is not provided the
27 negotiated key material is used. If the negotiation has not
28 been performed this command has no effect.
30 If the type is MSG and the <key> is `*' then random key
31 will be generated automatically. The -responder option
32 may be used ONLY with MSG type. One of the clients must
33 be the responder side. The one being the responder must
34 use this option. The clients setting the key must agree
35 on which one is the responder.
39 Unset the key. The private key is not used after this
40 command. The key must be set again or the key material must
41 be re-negotiated to be able to use the private keys again.
42 The channel may have several private keys set. The <number>
43 can be used to indicate what key is being unset. If it is
44 not provided all keys are removed.
48 List all private keys that has been set. If the type is
49 MSG and the <nickname> is ยด*' then all private message
50 keys that you've set will be listed.
54 This command can be used only when type is CHANNEL. This is
55 used to change the current channel private key. The <number>
56 may indicate what key is changed. If it is not provided then
57 next key is changed to current channel private key. By default
58 this command is also bound to Meta-K (Alt+Shift+k) key.
60 agreement [<hostname> [<port>]]
62 Send key agreement request to remote client. If the
63 <hostname> is provided it is sent in the request. The
64 receiver may use the hostname to start the key agreement.
65 If the <port> is also provided your key agreement protocol
66 server is bound to that port. Note that it cannot be
67 privileged port (<1024). If the <hostname> and <port> is
68 not provided then the receiver will never initiate the key
69 agreement. In this case you may start the key agreement
70 after receiving the reply to the request, by giving the
73 This command may be used to send reply to the remote client.
74 When receiving empty key agreement you can reply to the
75 sender with the hostname and port of your key agreement
76 server with this command.
78 If the hostname and port are ommitted, the boolean
79 variable use_auto_addr will be examined. If it is set
80 the value of auto_bind_ip will be used as the IP address
81 to listen for the return reply, the value of auto_public_ip
82 will be the IP address sent to the remote client, and the
83 auto_bind_port will be the port value to be bound to and
84 sent to the remote client. If auto_public_ip is unset, but
85 auto_bind_ip is set, silc client will send the auto_bind_ip
86 variable's value to the remote client.
88 negotiate [<hostname> [<port>]]
90 This may be called to start the key agreement with <nickname>.
91 This command has effect only if the <nickname> has replied to
92 your key agreement request. You will see a notify on the
93 screen when the reply arrives. The <hostname> and <port> is the
94 hostname and port of the remote client's key agreement server.
98 Set channel private key to current channel, and list all keys:
100 /KEY CHANNEL * set very_secret_key_this_is
102 /KEY MSG nickname set secretkey
103 /KEY MSG nick set secretkey -responder
104 /KEY MSG foo agreement 10.2.1.7 5000
105 /KEY MSG bar negotiate 10.2.1.7 5000
107 See also: WHOIS, CHANNEL, GETKEY