@SYNTAX:key@
-This command is used to set and unset private keys for
-channels, set and unset private keys for private messages
-with remote clients and to send key agreement requests and
-negotiate the key agreement protocol with remote client.
-The key agreement is supported only to negotiate private
-message keys, it currently cannot be used to negotiate
-private keys for channels, as it is not convenient for that
-purpose.
+This command is used to set and unset private channel keys,
+set and unset private message keys with remote users, and
+to send key agreement requests and negotiate the key agreement
+protocol with remote user. The key agreement is supported only
+to negotiate private message keys, it currently cannot be used
+to negotiate channel private keys.
Types:
Commands:
- set [<key> [<cipher>] [<hmac>]] [-responder]
+ set [<key> [<cipher>] [<hmac>]]
- Set the key into use. If the <key> is provided it is used
- as the key material. If the <key> is not provided the
- negotiated key material is used. If the negotiation has not
- been performed this command has no effect.
+ Set the key into use. The <key> is a pre-shared-key,
+ passphrase or similar shared secret string. Setting
+ the key without first receiving a request from the
+ remote user, this command will send the request to the
+ remote user. The actual key is not sent to network.
- If the type is MSG and the <key> is `*' then random key
- will be generated automatically. The -responder option
- may be used ONLY with MSG type. One of the clients must
- be the responder side. The one being the responder must
- use this option. The clients setting the key must agree
- on which one is the responder.
+ Optionally, the <cipher> and <hmac> may also be set.
unset [<number>]
next key is changed to current channel private key. By default
this command is also bound to Meta-K (Alt+Shift+k) key.
- agreement [<hostname> [<port>]]
+ agreement [<hostname> [<port>] [<TCP|UDP>]]
Send key agreement request to remote client. If the
<hostname> is provided it is sent in the request. The
not provided then the receiver will never initiate the key
agreement. In this case you may start the key agreement
after receiving the reply to the request, by giving the
- negotiate command.
+ negotiate command. By default the key agreement connection
+ is TCP connection. UDP connection may also be defined.
+ (Note that, older SILC clients (1.0.x) does not support UDP).
This command may be used to send reply to the remote client.
When receiving empty key agreement you can reply to the
sender with the hostname and port of your key agreement
server with this command.
- If the hostname and port are ommitted, the irssi boolean
+ If the hostname and port are ommitted, the boolean
variable use_auto_addr will be examined. If it is set
the value of auto_bind_ip will be used as the IP address
to listen for the return reply, the value of auto_public_ip
will be the IP address sent to the remote client, and the
auto_bind_port will be the port value to be bound to and
sent to the remote client. If auto_public_ip is unset, but
- auto_bind_ip is set, irssi will send the auto_bind_ip
+ auto_bind_ip is set, silc client will send the auto_bind_ip
variable's value to the remote client.
- negotiate [<hostname> [<port>]]
+ negotiate [<hostname> [<port>] [<TCP|UDP>]]
This may be called to start the key agreement with <nickname>.
This command has effect only if the <nickname> has replied to
your key agreement request. You will see a notify on the
screen when the reply arrives. The <hostname> and <port> is the
hostname and port of the remote client's key agreement server.
+ The request tells the connection protocol used, usually TCP.
+ If UDP was requested it must be provided.
Examples:
/KEY CHANNEL * set very_secret_key_this_is
/KEY CHANNEL * list
- /KEY MSG nickname set secretkey
- /KEY MSG nick set secretkey -responder
- /KEY MSG foo agreement 10.2.1.7 5000
- /KEY MSG bar negotiate 10.2.1.7 5000
+
+ Set private message key with a friend:
+
+ foobar: /KEY MSG friend set secretkey
+ friend: /KEY MSG foobar set secretkey
+
+ Perform key agreement:
+
+ bar: /KEY MSG foo agreement 10.2.1.7 5000
+ foo: /KEY MSG bar negotiate 10.2.1.7 5000
+
+ bar: /KEY MSG foo agreement 10.2.1.7 5000 UDP
+ foo: /KEY MSG bar negotiate 10.2.1.7 5000 UDP
See also: WHOIS, CHANNEL, GETKEY
projects / silc.git / blobdiff