@SYNTAX:key@
-Format: msg|channel <nickname|channel>
- set|unset|list|agreement|negotiate [<arguments>]
-
This command is used to set and unset private keys for
channels, set and unset private keys for private messages
with remote clients and to send key agreement requests and
private keys for channels, as it is not convenient for that
purpose.
-Types:
+Types:
- msg The command is performed for private messages
- affecting the <nickname>.
+ MSG The command is performed for private messages
+ affecting the <nickname>.
- channel The command is performed for channel affecting
- the <channel>.
+ CHANNEL The command is performed for the channel indicated
+ by <channel> (* matches current channel).
Commands:
- set [<key> [<cipher>] [<hmac>]]
-
- Set the key into use. If the <key> is provided it
- is used as the key material. If the <key> is not
- provided the negotiated key material is used. If
- the negotiation has not been performed this command
- has no effect.
-
- If the type is `msg' and the <key> is `*' then
- random key will be generated automatically.
-
- The <cipher> may be set for both private message
- and channel private keys and the <hmac> may be set
- only to the channel private keys.
-
- unset [<number>]
-
- Unset the key. The private key is not used after
- this command. The key must be set again or the key
- material must be re-negotiated to be able to use
- the private keys again.
-
- The channel may have several private keys set. The
- <number> can be used to indicate what key is being
- unset. If it is not provided all keys are removed.
-
- list List all private keys that has been set.
-
- If the type is `msg' and the <nickname> is ´*' then
- all private message keys that you've set will be
- listed.
-
- agreement [<hostname> [<port>]]
-
- Send key agreement request to remote client. If
- the <hostname> is provided it is sent in the request.
- The receiver may use the hostname to start the
- key agreement. If the <port> is also provided your
- key agreement protocol server is bound to that
- port. Note that it cannot be privileged port (<1023).
- If the <hostname> and <port> is not provided then
- the receiver will never initiate the key agreement.
- In this case you may start the key agreement after
- receiving the reply to the request, by giving the
+ set [<key> [<cipher>] [<hmac>]] [-responder]
+
+ Set the key into use. If the <key> is provided it is used
+ as the key material. If the <key> is not provided the
+ negotiated key material is used. If the negotiation has not
+ been performed this command has no effect.
+
+ If the type is MSG and the <key> is `*' then random key
+ will be generated automatically. The -responder option
+ may be used ONLY with MSG type. One of the clients must
+ be the responder side. The one being the responder must
+ use this option. The clients setting the key must agree
+ on which one is the responder.
+
+ unset [<number>]
+
+ Unset the key. The private key is not used after this
+ command. The key must be set again or the key material must
+ be re-negotiated to be able to use the private keys again.
+ The channel may have several private keys set. The <number>
+ can be used to indicate what key is being unset. If it is
+ not provided all keys are removed.
+
+ list
+
+ List all private keys that has been set. If the type is
+ MSG and the <nickname> is ´*' then all private message
+ keys that you've set will be listed.
+
+ change [<number>]
+
+ This command can be used only when type is CHANNEL. This is
+ used to change the current channel private key. The <number>
+ may indicate what key is changed. If it is not provided then
+ next key is changed to current channel private key. By default
+ this command is also bound to Meta-K (Alt+Shift+k) key.
+
+ agreement [<hostname> [<port>]]
+
+ Send key agreement request to remote client. If the
+ <hostname> is provided it is sent in the request. The
+ receiver may use the hostname to start the key agreement.
+ If the <port> is also provided your key agreement protocol
+ server is bound to that port. Note that it cannot be
+ privileged port (<1024). If the <hostname> and <port> is
+ not provided then the receiver will never initiate the key
+ agreement. In this case you may start the key agreement
+ after receiving the reply to the request, by giving the
negotiate command.
- This command may be used to send reply to the
- remote client. When receiving empty key agreement
- you can reply to the sender with the hostname and
- port of your key agreement server with this command.
-
- negotiate [<hostname> [<port>]]
-
- This may be called to start the key agreement with
- <nickname>. This command has effect only if the
- <nickname> has replied to your key agreement request.
- You will see a notify on the screen when the reply
- arrives. The <hostname> and <port> is the hostname
- and port of the remote client's key agreement
- server.
-
+ This command may be used to send reply to the remote client.
+ When receiving empty key agreement you can reply to the
+ sender with the hostname and port of your key agreement
+ server with this command.
+
+ If the hostname and port are ommitted, the irssi boolean
+ variable use_auto_addr will be examined. If it is set
+ the value of auto_bind_ip will be used as the IP address
+ to listen for the return reply, the value of auto_public_ip
+ will be the IP address sent to the remote client, and the
+ auto_bind_port will be the port value to be bound to and
+ sent to the remote client. If auto_public_ip is unset, but
+ auto_bind_ip is set, irssi will send the auto_bind_ip
+ variable's value to the remote client.
+
+ negotiate [<hostname> [<port>]]
+
+ This may be called to start the key agreement with <nickname>.
+ This command has effect only if the <nickname> has replied to
+ your key agreement request. You will see a notify on the
+ screen when the reply arrives. The <hostname> and <port> is the
+ hostname and port of the remote client's key agreement server.
+
+Examples:
+
+ Set channel private key to current channel, and list all keys:
+
+ /KEY CHANNEL * set very_secret_key_this_is
+ /KEY CHANNEL * list
+ /KEY MSG nickname set secretkey
+ /KEY MSG nick set secretkey -responder
+ /KEY MSG foo agreement 10.2.1.7 5000
+ /KEY MSG bar negotiate 10.2.1.7 5000
+
+See also: WHOIS, CHANNEL, GETKEY
projects / silc.git / blobdiff