man secvpn (Commandes) - Control the Secure Virtual Private Network

NAME

secvpn - Control the Secure Virtual Private Network

SYNOPSIS

secvpn [-v][-n][-s][-r] start|stop|routedel|routeadd|test|status [Host]

DESCRIPTION

Secvpn builds a virtual private network (vpn) as defined in /etc/network/secvpn.conf. The vpn uses encryption based on ssh security.

Before svpn can be used you have to enable automatic ssh access for user "secvpn" from the initiator secvpn pc to the target secvpn pc. Use authorized_ keys or RhostsRSAAuthentication with the .shosts file. Have a look to the ssh - manpages for more informations.

The following subcommands may be used with secvpn:

start
is used to start the vpn. Secvpn will add new ppp interfaces necessary to make the vpn work, but will not automatically add routes (see the routeadd option below). If the recursive option is set, secvpn will log into the passive hosts and run "secvpn -r start" on them too.
stop
is used to stop the vpn.
routeadd
is used to setup new routing entries based on secvpn.conf. Secvpn will first add the route active->passive, then tell the passive host to add the route back. The route in the passive host will be added according to the configuration file there (in the passive host), so if the configuration files differ, things will not work.
routedel
will delete the routing entries built with routeadd.
test
checks whether the ppp interface is used to reach O_CRYPT_IP.
status
same as test, but checks all vpns if no host is named (instead of only active vpns as 'test' does).

OPTIONS

-v
verbose output
-n
do nothing
-s
be silent
-r
work recursive

EXAMPLES

There are 3 examples in /usr/share/doc/secvpn/examples:

Example1: secvpn acts as router connection 2 subnets

Example2: secvpn having one lan-card and connect 2 subnets

Example3: secvpn having one lan-card and connect 11 subnets in a tree structure

OTHER

To have real security it is necessary to secure each secvpn host and to have firewalls on each secvpn host allowing only selected IP-Adresses and Ports to pass through the VPN.

AUTHOR

Bernd Schumacher, HP Consulting, HEWLETT-PACKARD GmbH, Bad Homburg, 2000-2005

COPYRIGHT

Copyright: Most recent version of the GPL.

On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in "/usr/share/common-licenses/GPL".

SEE ALSO