2 # Example configuration file. Note that this attempts to present various
3 # configuration possibilities and may not actually give any sensible
4 # configuration. For real life example see the examples/ directory.
10 # Format: <name>:<module path>:<key length>:<block length>
12 # If the cipher is builtin the <module path> maybe omitted.
15 aes-256-cbc:@MODULESDIR@/aes.sim.so:32:16
16 aes-192-cbc:@MODULESDIR@/aes.sim.so:24:16
17 aes-128-cbc:@MODULESDIR@/aes.sim.so:16:16
18 twofish-256-cbc:@MODULESDIR@/twofish.sim.so:32:16
19 twofish-192-cbc:@MODULESDIR@/twofish.sim.so:24:16
20 twofish-128-cbc:@MODULESDIR@/twofish.sim.so:16:16
21 mars-256-cbc:@MODULESDIR@/mars.sim.so:32:16
22 mars-192-cbc:@MODULESDIR@/mars.sim.so:24:16
23 mars-128-cbc:@MODULESDIR@/mars.sim.so:16:16
24 none:@MODULESDIR@/none.sim.so:0:0
27 # Configured hash functions.
29 # Format: <name>:<module path>:<block length>:<digest length>
31 # If the hash function is builtin the <module path> maybe omitted.
38 # Configured HMAC functions. The hash function used in the HMAC must
39 # configured to the [hash] section.
41 # Format: <name>:<hash name>:<mac length>
58 # Run SILC server as specific user and group. The server must be initially
61 # Format: <user>:<group>
67 # Server's administrative information.
69 # Format: <location>:<server type>:<admin's name>:<admin's email address>
72 Kuopio, Finland:Test Server:Pekka Riikonen:priikone@poseidon.pspt.fi
77 # Format: +<server FQDN>:<server IP>:<geographic location>:<port>
80 lassi.kuo.fi.ssh.com:10.2.1.6:Kuopio, Finland:706
85 # Format: +<public key>:<private key>
88 @ETCDIR@/silcd.pub:@ETCDIR@/silcd.prv
93 # Format: <local IP>:<Listener IP>:<port>
101 # This section is used to set various logging files, their paths
102 # and maximum sizes. There are only four defined channels allowed for
103 # defining (see list below).
104 # The log channels have an importance value, and most important channels
105 # are printed on the less important ones, thus setting the logging file
106 # for "infologfile" will ensure logging for all channels, while setting
107 # logging file for "errorlogfile" will ensure logging for channels
108 # "error" and "fatal" only.
109 # If a message can't find a valid output file it will be discarded, thus,
110 # if you unset all files you will completely disable server logging (and
111 # this is NOT recommended).
112 # If maximum size is given, the logfile will be rotated to a logfile with
113 # the ".old" extension added. Older logfiles are flushed.
115 # Format: infologfile:<path>:<max byte size>
116 # warninglogile:<path>:<max byte size>
117 # errorlogile:<path>:<max byte size>
118 # fatallogile:<path>:<max byte size>
121 infologfile:@LOGSDIR@/silcd.log:50000
122 warninglogfile:@LOGSDIR@/silcd_warnings.log:50000
123 #errorlogfile:@LOGSDIR@/silcd_errors.log:50000
124 #fatallogfile:@LOGSDIR@/silcd_fatals.log:
127 # Connection classes.
129 # This section is used to define connection classes. These can be
130 # used to optimize the server and the connections.#
132 # Format: <class number>:<ping freq>:<connect freq>:<max links>
139 # Configured client connections.
141 # Format: <remote host>:<auth method>:<auth data>:<port>:<class>
143 # The <auth data> is either passphrase or file path to the public key
150 # Configured server administrator connections
152 # Format: <host>:<username>:<nickname>:<auth method>:<auth data>
154 # The <auth data> is either passphrase or file path to the public key
158 10.2.1.199:priikone:pekka:passwd:veryscret
161 # Configured server connections.
163 # If server connections are configured it means that our server is
164 # router server. Normal server must not configure server connections.
165 # Thus, if your server is not router do not configure this section. If
166 # your server is router, this must be configured.
168 # Format: <remote host>:<auth method>:<auth data>:<port>:
169 # <version ID>:<class>:<backup connection>
171 # The <auth data> is either passphrase or file path to the public key
172 # file. If the connection is backup connection then set the <backup
173 # connection> to value 1. For normal connections set it 0. If it is
174 # set to value 1 then this server will be backup router.
177 10.2.1.7:passwd:veryscret:706:1:1:0
178 10.2.1.17:passwd:veryscret13:706:1:1:1 # backup connection, that host
179 # will use this server as backup
183 # Configured router connections.
185 # For normal server only one entry maybe configured to this section. It
186 # must be the router this server will be connected to. For router server,
187 # this sections includes all configured router connections. The first
188 # configured connection is the primary route.
190 # Format: <remote host>:<auth method>:<auth data>:<port>:<version ID>:
191 # <class>:<initiator>:<backup replace IP>:<backup replace port>:
194 # The <auth data> is either passphrase or file path to the public key
195 # file. If you are the initiator of the connection then set the <initiator>
196 # to value 1. If you are the responder of the connection (waiting for
197 # incoming connection) then set it to 0.
199 # If the connection is backup router connection then set the <backup
200 # replace IP> to the IP address of the router that the backup router will
201 # replace if it becomes unavailable. Set also the router's port to the
202 # <backup replace port>. For normal connection leave both empty. If this
203 # backup router is in our cell then set the <local backup> to value 1.
204 # If the backup router is in other cell then set it to value 0.
207 #10.2.1.100:passwd:veryverysecret:706:1:1:1
208 #10.2.100.131:pubkey:/path/to/the/publickey:706:1:1:1
209 #10.2.100.100:pubkey:/path/to/the/publickey:706:1:1:0:10.2.1.6:706:1
212 # Denied connections.
214 # These connections are denied to connect our server.
216 # Format: <remote host>:<port>:<comment>
219 #10.2.1.99:0:Your connection has been denied
224 # specify the text file containing the motd:
232 # specify the pidfile where it will be written: