X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=doc%2Fexample_silcd.conf;h=6f9afc639a3969d57e616da4614a4fc6480c1e9a;hp=236e200ef44946966f8756f7df1beb5619125db1;hb=e5d8d3db6caa344b3d419b884556c21b15e7d123;hpb=09e2294db9818e3cf46038c6f107be5b51c301c7 diff --git a/doc/example_silcd.conf b/doc/example_silcd.conf index 236e200e..6f9afc63 100644 --- a/doc/example_silcd.conf +++ b/doc/example_silcd.conf @@ -6,16 +6,16 @@ # If the cipher is builtin the maybe omitted. # [Cipher] -aes-256-cbc:../lib/silcsim/modules/aes.sim.so:32:16 -aes-192-cbc:../lib/silcsim/modules/aes.sim.so:24:16 -aes-128-cbc:../lib/silcsim/modules/aes.sim.so:16:16 -twofish-256-cbc:../lib/silcsim/modules/twofish.sim.so:32:16 -twofish-192-cbc:../lib/silcsim/modules/twofish.sim.so:24:16 -twofish-128-cbc:../lib/silcsim/modules/twofish.sim.so:16:16 -mars-256-cbc:../lib/silcsim/modules/mars.sim.so:32:16 -mars-192-cbc:../lib/silcsim/modules/mars.sim.so:24:16 -mars-128-cbc:../lib/silcsim/modules/mars.sim.so:16:16 -none:../lib/silcsim/modules/none.sim.so:0:0 +aes-256-cbc:/usr/local/silc/modules/aes.sim.so:32:16 +aes-192-cbc:/usr/local/silc/modules/aes.sim.so:24:16 +aes-128-cbc:/usr/local/silc/modules/aes.sim.so:16:16 +twofish-256-cbc:/usr/local/silc/modules/twofish.sim.so:32:16 +twofish-192-cbc:/usr/local/silc/modules/twofish.sim.so:24:16 +twofish-128-cbc:/usr/local/silc/modules/twofish.sim.so:16:16 +mars-256-cbc:/usr/local/silc/modules/mars.sim.so:32:16 +mars-192-cbc:/usr/local/silc/modules/mars.sim.so:24:16 +mars-128-cbc:/usr/local/silc/modules/mars.sim.so:16:16 +none:/usr/local/silc/modules/none.sim.so:0:0 # # Configured hash functions. @@ -24,20 +24,29 @@ none:../lib/silcsim/modules/none.sim.so:0:0 # # If the hash function is builtin the maybe omitted. # -[HashFunction] -md5::64:16 +[Hash] sha1::64:20 +md5::64:16 # -# Configured PKCS. +# Configured HMAC functions. The hash function used in the HMAC must +# configured to the [hash] section. # -# Format: :: +# Format: :: # -# NOTE: must be omitted as PKCS cannot be modules currently. +[hmac] +hmac-sha1-96:sha1:12 +hmac-md5-96:md5:12 +hmac-sha1:sha1:20 +hmac-md5:md5:16 + +# +# Configured PKCS. # -#[PKCS] -#rsa::1024 -#dss::1024 +# Format: +# +[PKCS] +rsa # # Run SILC server as specific user and group. The server must be initially @@ -64,10 +73,18 @@ Kuopio, Finland:Test Server:Pekka Riikonen:priikone@poseidon.pspt.fi [ServerInfo] lassi.kuo.fi.ssh.com:10.2.1.6:Kuopio, Finland:706 +# +# Server keys +# +# Format: +: +# +[ServerKeys] +/etc/silc/silcd.pub:/etc/silc/silcd.prv + # # Listenning ports. # -# Format: :: +# Format: :: # [ListenPort] 10.2.1.6:10.2.1.6:706 @@ -86,10 +103,10 @@ lassi.kuo.fi.ssh.com:10.2.1.6:Kuopio, Finland:706 # fatallogile:: # [Logging] -infologfile:silcd.log:10000 -#warninglogfile:/var/log/silcd_warning.log:10000 -#errorlogfile:ERROR.log:10000 -#fatallogfile:/var/log/silcd_error.log: +infologfile:/usr/local/silc/logs/silcd.log:10000 +#warninglogfile:/usr/local/silc/logs/silcd_warning.log:10000 +#errorlogfile:/usr/local/silc/logs/error.log:10000 +#fatallogfile:/usr/local/silc/logs/silcd_error.log: # # Connection classes. @@ -108,16 +125,22 @@ infologfile:silcd.log:10000 # # Format: :::: # +# The is either passphrase or file path to the public key +# file. +# [ClientConnection] -:::1333:1 +:::706:1 # # Configured server administrator connections # -# Format: :::: +# Format: :::: +# +# The is either passphrase or file path to the public key +# file. # [AdminConnection] -10.2.1.199:passwd:veryscret:XXX:1 +10.2.1.199:priikone:pekka:passwd:veryscret # # Configured server connections. @@ -127,10 +150,19 @@ infologfile:silcd.log:10000 # Thus, if your server is not router do not configure this section. If # your server is router, this must be configured. # -# Format: ::::: +# Format: :::: +# :: +# +# The is either passphrase or file path to the public key +# file. If the connection is backup connection then set the to value 1. For normal connections set it 0. If it is +# set to value 1 then this server will be backup router. # [ServerConnection] -10.2.1.7:passwd:veryscret:706:1:1 +10.2.1.7:passwd:veryscret:706:1:1:0 +10.2.1.17:passwd:veryscret13:706:1:1:1 # backup connection, that host + # will use this server as backup + # router. # # Configured router connections. @@ -140,25 +172,30 @@ infologfile:silcd.log:10000 # this sections includes all configured router connections. The first # configured connection is the primary route. # -# Format: :::::: +# Format: ::::: +# ::: +# +# The is either passphrase or file path to the public key +# file. If you are the initiator of the connection then set the +# to value 1. If you are the responder of the connection (waiting for +# incoming connection) then set it to 0. +# +# If the connection is backup router connection then set the to value 1. For normal connection set it to 0. If this +# backup router is in our cell then set the to value 1. +# If the backup router is in other cell then set it to value 0. # [RouterConnection] -#10.2.1.100:passwd:veryverysecret:706:1:1:1 +#10.2.1.100:passwd:veryverysecret:706:1:1:1:0:0 +#10.2.100.131:pubkey:/path/to/the/publickey:706:1:1:1:0:0 +#10.2.100.100:pubkey:/path/to/the/publickey:706:1:1:0:1:1 # # Denied connections. # # These connections are denied to connect our server. # -# Format: :