secvpn(1) [debian man page]

SECVPN(1)						      General Commands Manual							 SECVPN(1)

NAME
       secvpn - Control the Secure Virtual Private Network

SYNOPSIS
       secvpn [-v][-n][-s][-r] start|stop|routedel|routeadd|test|status [Host]

DESCRIPTION
       Secvpn builds a virtual private network (VPN) as defined in /etc/network/secvpn.conf. The VPN uses encryption based on ssh security. Before secvpn can be used you have to create some prerequisites. See PREREQUISITES below.

       The following subcommands may be used with secvpn:

       start  is used to start the VPN. Secvpn will add the new ppp interfaces necessary to make the VPN work, but will not automatically add routes (see the routeadd subcommand below). If the recursive option is set, secvpn will log into the passive hosts and run "secvpn -r start" on them too.

       stop   is used to stop the VPN.

       routeadd
              is used to set up new routing entries based on secvpn.conf. Secvpn will first add the route active->passive, then tell the passive host to add the route back. The route on the passive host is added according to the configuration file there (on the passive host), so if the configuration files differ, things will not work.

       routedel
              will delete the routing entries built with routeadd.

       test   checks whether the ppp interface is used to reach O_CRYPT_IP.

       status same as test, but checks all VPNs if no host is named (instead of only active VPNs as 'test' does).

OPTIONS
       -v     verbose output

       -n     do nothing

       -s     be silent

       -r     work recursively

PREREQUISITES
       Before secvpn can be used you have to enable passwordless ssh access for user "secvpn" from the initiator secvpn PC to the target secvpn PC. Use authorized_keys or RhostsRSAAuthentication with the .shosts file. Have a look at the ssh manpages for more information.

       Before secvpn can be used you have to give root rights for specific commands to the user "secvpn". This can be done with the following command:

              echo "secvpn ALL=NOPASSWD: /usr/sbin/secvpn, /usr/sbin/pppd" >>/etc/sudoers

       Before secvpn can be used you have to edit /etc/secvpn.conf. See secvpn.conf(4).

EXAMPLES
       There are 3 examples in /usr/share/doc/secvpn/examples:

       Example1: secvpn acts as a router connecting 2 subnets

       Example2: secvpn has one LAN card and connects 2 subnets

       Example3: secvpn has one LAN card and connects 11 subnets in a tree structure

OTHER
       To have real security it is necessary to secure each secvpn host and to have firewalls on each secvpn host that allow only selected IP addresses and ports to pass through the VPN.

AUTHOR
       Bernd Schumacher, HP Consulting, HEWLETT-PACKARD GmbH, Bad Homburg, 2000-2005

COPYRIGHT
       Copyright: Most recent version of the GPL.

       On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in "/usr/share/common-licenses/GPL".

SEE ALSO
       secvpn(1) secvpnmon(1) ssh(1) timeout(1) secvpn.conf(4)

secvpn							 August 2000							 SECVPN(1)
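
The two access grants described under PREREQUISITES (the sudoers line and the passwordless ssh key for user "secvpn") can be audited on a target host. The script below is an added example, not part of secvpn or of the original man page; it assumes single-line sudoers entries, takes the file paths as arguments, and uses the OpenSSH from= key option as the criterion for "initiator only". All sample data is constructed.

```shell
#!/bin/sh
# Added example: audit the two secvpn prerequisites on copies of the target's files.
# Commands the page's sudoers line grants to user "secvpn".
ALLOWED="/usr/sbin/secvpn /usr/sbin/pppd"

# Print a finding for every command granted to secvpn that is not in ALLOWED.
audit_sudoers() {
    awk -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "secvpn" {
            spec = $0
            sub(/^[^=]*=[ \t]*/, "", spec)       # drop "secvpn ALL="
            sub(/^\([^)]*\)/, "", spec)          # drop an optional (runas) list
            gsub(/[A-Z]+:/, "", spec)            # drop tags such as NOPASSWD:
            m = split(spec, cmds, ",")
            for (i = 1; i <= m; i++) {
                c = cmds[i]; gsub(/^[ \t]+|[ \t]+$/, "", c)
                split(c, w, /[ \t]+/)            # w[1] is the command path
                if (!(w[1] in ok)) print "sudoers:" NR ": unexpected command: " c
            }
        }' "$1"
}

# Print a finding for every key that is not pinned to a source host with from=.
audit_authorized_keys() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            # Options precede the key type; every key blob starts with "AAAA".
            opts = ""
            if (match($0, /(ssh|ecdsa|sk)-[^ \t]+[ \t]+AAAA/)) opts = substr($0, 1, RSTART - 1)
            if (opts !~ /(^|,)from="[^"]+"/) print "authorized_keys:" NR ": no from= restriction"
        }' "$1"
}

# Constructed sample input (not from a real host): one good and one bad entry each.
demo=$(mktemp -d)
cat > "$demo/sudoers" <<'EOF'
secvpn ALL=NOPASSWD: /usr/sbin/secvpn, /usr/sbin/pppd
secvpn ALL=NOPASSWD: /usr/sbin/secvpn, /bin/sh
EOF
cat > "$demo/authorized_keys" <<'EOF'
from="192.0.2.10" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructedSampleKeyOnly secvpn@initiator
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructedSampleKeyOnly secvpn@anywhere
EOF
audit_sudoers "$demo/sudoers"
audit_authorized_keys "$demo/authorized_keys"
rm -rf "$demo"
```

The sudoers line places no limit on the arguments passed to pppd or secvpn, so whoever holds the secvpn key can run both as root with any options; the from= check narrows where that key can be used from.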

routes(4)						     Kernel Interfaces Manual							 routes(4)

NAME
       routes - Specifies Internet routing information to the routing tables

SYNOPSIS
       /etc/routes

DESCRIPTION
       Static routes can be defined in the /etc/routes file. The /etc/routes file identifies static routes that are automatically added to the network routing tables with the /usr/sbin/route add command. The /sbin/init.d/route script contains the /usr/sbin/route add command that is executed for each entry in the /etc/routes file when the network is restarted on the system or the system is rebooted.

       The general format of an entry in the /etc/routes file is:

              Dest Name1 Name2

       The following is a brief description of each element in an /etc/routes file entry:

       Dest   A keyword that indicates whether the route is to a network or to a host. The two possible keywords are -net and -host.

       Name1  The name or address of the destination network or host. Name1 can be either a symbolic name (as used in the /etc/hosts or /etc/networks file) or an Internet address specified in dotted-decimal format.

       Name2  The name or address of the gateway host to which messages should be forwarded. Name2 can be either a symbolic name (as used in the /etc/hosts file) or an Internet address specified in dotted-decimal format.

       The routes file is a Context-Dependent Symbolic Link (CDSL) and must be maintained as such. See the System Administration manual for more information.

EXAMPLES
       To specify a route to a network through a gateway host with an entry in the /etc/routes file, enter:

              -net net2 host4

       This example specifies a route to a network, net2, through the gateway host4.

       To specify a route to a host through a gateway host with an entry in the /etc/routes file, enter:

              -host host2 host4

       This example specifies a route to a host, host2, through the gateway host4.

       To specify a route to a default gateway host with an entry in the /etc/routes file, enter:

              default 130.9.0.5

       This example specifies a route to a default gateway with an Internet address of 130.9.0.5.

FILES
       Contains the /usr/sbin/routed add command.

RELATED INFORMATION
       Commands: route(8)

       Daemons: gated(8), routed(8)

       Files: gated.conf(4)

       Network Administration

routes(4)