Home Explore Help
Sign In
OWEALs
/
tinc
mirror of https://tinc-vpn.org/git/tinc
2
0
Fork 0
Files Issues 0 Wiki
Branch: 1.1-ed25519
Branches Tags
tinc
/
README

README 3.4 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. This is the README file for tinc version 1.1pre10. Installation
    2. 

  2. instructions may be found in the INSTALL file.
    3. 

  3. 

  4. tinc is Copyright (C) 1998-2014 by:
    5. 

  5. 

  6. Ivo Timmermans,
    7. 

  7. Guus Sliepen <guus@tinc-vpn.org>,
    8. 

  8. and others.
    9. 

  9. 

  10. For a complete list of authors see the AUTHORS file.
    11. 

  11. 

  12. This program is free software; you can redistribute it and/or modify
    13. 

  13. it under the terms of the GNU General Public License as published by
    14. 

  14. the Free Software Foundation; either version 2 of the License, or (at
    15. 

  15. your option) any later version. See the file COPYING for more details.
    16. 

  16. 

  17. 

  18. This is a pre-release
    19. 

  19. ---------------------
    20. 

  20. 

  21. Please note that this is NOT a stable release. Until version 1.1.0 is released,
    22. 

  22. please use one of the 1.0.x versions if you need a stable version of tinc.
    23. 

  23. 

  24. Although tinc 1.1 will be protocol compatible with tinc 1.0.x, the
    25. 

  25. functionality of the tinc program may still change, and the control socket
    26. 

  26. protocol is not fixed yet.
    27. 

  27. 

  28. 

  29. Security statement
    30. 

  30. ------------------
    31. 

  31. 

  32. This version uses an experimental and unfinished cryptographic protocol. Use it
    33. 

  33. at your own risk.
    34. 

  34. 

  35. 

  36. Compatibility
    37. 

  37. -------------
    38. 

  38. 

  39. Version 1.1pre10 is compatible with 1.0pre8, 1.0 and later, but not with older
    40. 

  40. versions of tinc.
    41. 

  41. 

  42. When the ExperimentalProtocol option is used, tinc is still compatible with
    43. 

  43. 1.0.X and 1.1pre10 itself, but not with any other 1.1preX version.
    44. 

  44. 

  45. 

  46. Requirements
    47. 

  47. ------------
    48. 

  48. 

  49. In order to compile tinc, you will need a GNU C compiler environment. Please
    50. 

  50. ensure you have the latest stable versions of all the required libraries:
    51. 

  51. 

  52. - OpenSSL (http://www.openssl.org/) version 1.0.0 or later, with support for
    53. 

  53.   elliptic curve cryptography (ECC) and Galois counter mode (GCM) enabled.
    54. 

  54. 

  55. The following libraries are used by default, but can be disabled if necessary:
    56. 

  56. 

  57. - zlib (http://www.gzip.org/zlib/)
    58. 

  58. - lzo (http://www.oberhumer.com/opensource/lzo/)
    59. 

  59. - ncurses (http://invisible-island.net/ncurses/)
    60. 

  60. - readline (ftp://ftp.gnu.org/pub/gnu/readline/)
    61. 

  61. 

  62. 

  63. Features
    64. 

  64. --------
    65. 

  65. 

  66. Tinc is a peer-to-peer VPN daemon that supports VPNs with an arbitrary number
    67. 

  67. of nodes. Instead of configuring tunnels, you give tinc the location and
    68. 

  68. public key of a few nodes in the VPN. After making the initial connections to
    69. 

  69. those nodes, tinc will learn about all other nodes on the VPN, and will make
    70. 

  70. connections automatically. When direct connections are not possible, data will
    71. 

  71. be forwarded by intermediate nodes.
    72. 

  72. 

  73. By default, nodes authenticate each other using 2048 bit RSA (or 521 bit
    74. 

  74. ECDSA*) keys. Traffic is encrypted using Blowfish in CBC mode (or AES-256 in
    75. 

  75. GCM mode*), authenticated using HMAC-SHA1 (or GCM*), and is protected against
    76. 

  76. replay attacks.
    77. 

  77. 

  78. *) When using the ExperimentalProtocol option.
    79. 

  79. 

  80. Tinc fully supports IPv6.
    81. 

  81. 

  82. Tinc can operate in several routing modes. In the default mode, "router", every
    83. 

  83. node is associated with one or more IPv4 and/or IPv6 Subnets. The other two
    84. 

  84. modes, "switch" and "hub", let the tinc daemons work together to form a virtual
    85. 

  85. Ethernet network switch or hub.
    86. 

  86. 

  87. Normally, when started tinc will detach and run in the background. In a native
    88. 

  88. Windows environment this means tinc will intall itself as a service, which will
    89. 

  89. restart after reboots.  To prevent tinc from detaching or running as a service,
    90. 

  90. use the -D option.
    91. 

  91. 

  92. The status of the VPN can be queried using the "tinc" command, which connects
    93. 

  93. to a running tinc daemon via a control connection. The same tool also makes it
    94. 

  94. easy to start and stop tinc, and to change its configuration.
    95.