updates.

[silc.git] / doc / example_silcd.conf.in

#
# Example configuration file.  Note that this attempts to present various
# configuration possibilities and may not actually give any sensible 
# configuration.  For real life example see the examples/ directory.
#

#
# Configured ciphers.
#
# Format: <name>:<module path>:<key length>:<block length>
#
# If the cipher is builtin the <module path> maybe omitted.
#
[Cipher]
aes-256-cbc:@MODULESDIR@/aes.sim.so:32:16
aes-192-cbc:@MODULESDIR@/aes.sim.so:24:16
aes-128-cbc:@MODULESDIR@/aes.sim.so:16:16
twofish-256-cbc:@MODULESDIR@/twofish.sim.so:32:16
twofish-192-cbc:@MODULESDIR@/twofish.sim.so:24:16
twofish-128-cbc:@MODULESDIR@/twofish.sim.so:16:16
mars-256-cbc:@MODULESDIR@/mars.sim.so:32:16
mars-192-cbc:@MODULESDIR@/mars.sim.so:24:16
mars-128-cbc:@MODULESDIR@/mars.sim.so:16:16
none:@MODULESDIR@/none.sim.so:0:0

#
# Configured hash functions.
#
# Format: <name>:<module path>:<block length>:<digest length>
#
# If the hash function is builtin the <module path> maybe omitted.
#
[Hash]
sha1::64:20
md5::64:16

#
# Configured HMAC functions. The hash function used in the HMAC must
# configured to the [hash] section.
#
# Format: <name>:<hash name>:<mac length>
#
[hmac]
hmac-sha1-96:sha1:12
hmac-md5-96:md5:12
hmac-sha1:sha1:20
hmac-md5:md5:16

#
# Configured PKCS.
#
# Format: <name>
#
[PKCS]
rsa

#
# Run SILC server as specific user and group. The server must be initially
# run as root.
#
# Format: <user>:<group>
#
[Identity]
nobody:nobody

#
# Server's administrative information.
#
# Format: <location>:<server type>:<admin's name>:<admin's email address>
#
[AdminInfo]
Kuopio, Finland:Test Server:Pekka Riikonen:priikone@poseidon.pspt.fi

#
# Server information.
#
# Format: +<server FQDN>:<server IP>:<geographic location>:<port>
#
[ServerInfo]
lassi.kuo.fi.ssh.com:10.2.1.6:Kuopio, Finland:706

#
# Server keys
#
# Format: +<public key>:<private key>
#
[ServerKeys]
@ETCDIR@/silcd.pub:@ETCDIR@/silcd.prv

#
# Listenning ports.
#
# Format: <local IP>:<Listener IP>:<port>
#
[ListenPort]
10.2.1.6:10.2.1.6:706

#
# Log files.
#
# This section is used to set various logging files, their paths
# and maximum sizes. All the other directives except those defined
# below are ignored in this section. Log files are purged after they
# reach the maximum set byte size.
#
# Format: infologfile:<path>:<max byte size>
#         warninglogile:<path>:<max byte size>
#         errorlogile:<path>:<max byte size>
#         fatallogile:<path>:<max byte size>
#
[Logging]
infologfile:@LOGSDIR@/silcd.log:10000
#warninglogfile:@LOGSDIR@/silcd_warning.log:10000
#errorlogfile:@LOGSDIR@/error.log:10000
#fatallogfile:@LOGSDIR@/silcd_error.log:

#
# Connection classes.
#
# This section is used to define connection classes. These can be
# used to optimize the server and the connections.#
#
# Format: <class number>:<ping freq>:<connect freq>:<max links>
#
[ConnectionClass]
1:100:100:100
2:200:300:400

#
# Configured client connections.
#
# Format: <remote host>:<auth method>:<auth data>:<port>:<class>
#
# The <auth data> is either passphrase or file path to the public key
# file.
#
[ClientConnection]
:::706:1

#
# Configured server administrator connections
#
# Format: <host>:<username>:<nickname>:<auth method>:<auth data>
#
# The <auth data> is either passphrase or file path to the public key
# file.
#
[AdminConnection]
10.2.1.199:priikone:pekka:passwd:veryscret

#
# Configured server connections.
#
# If server connections are configured it means that our server is
# router server.  Normal server must not configure server connections.
# Thus, if your server is not router do not configure this section.  If
# your server is router, this must be configured.
#
# Format: <remote host>:<auth method>:<auth data>:<port>:
#         <version ID>:<class>:<backup connection>
#
# The <auth data> is either passphrase or file path to the public key
# file. If the connection is backup connection then set the <backup 
# connection> to value 1. For normal connections set it 0. If it is
# set to value 1 then this server will be backup router.
#
[ServerConnection]
10.2.1.7:passwd:veryscret:706:1:1:0
10.2.1.17:passwd:veryscret13:706:1:1:1   # backup connection, that host
                                         # will use this server as backup
                                         # router.

#
# Configured router connections.
#
# For normal server only one entry maybe configured to this section.  It
# must be the router this server will be connected to.  For router server,
# this sections includes all configured router connections.  The first
# configured connection is the primary route.
#
# Format: <remote host>:<auth method>:<auth data>:<port>:<version ID>:
#         <class>:<initiator>:<backup replace IP>:<backup replace port>:
#         <local backup>
#
# The <auth data> is either passphrase or file path to the public key
# file. If you are the initiator of the connection then set the <initiator>
# to value 1.  If you are the responder of the connection (waiting for 
# incoming connection) then set it to 0.
#
# If the connection is backup router connection then set the <backup
# replace IP> to the IP address of the router that the backup router will
# replace if it becomes unavailable.  Set also the router's port to the
# <backup replace port>.  For normal connection leave both empty. If this
# backup router is in our cell then set the <local backup> to value 1.
# If the backup router is in other cell then set it to value 0.
#
[RouterConnection]
#10.2.1.100:passwd:veryverysecret:706:1:1:1
#10.2.100.131:pubkey:/path/to/the/publickey:706:1:1:1
#10.2.100.100:pubkey:/path/to/the/publickey:706:1:1:0:10.2.1.6:706:1

#
# Denied connections.
#
# These connections are denied to connect our server.
#
# Format: <remote host>:<port>:<comment>
#
[DenyConnection]
#10.2.1.99:0:Your connection has been denied

#
#Message Of The Day
#
#specify the text file containing the motd:
#
#[motd]
#@ETCDIR@/motd.txt

#
#pidfile
#
#speficy the pidfile where it will be written:
#
[pid]
@PIDFILE@