Man Linux: Main Page and Category List

NAME

       secvpn - Control the Secure Virtual Private Network

SYNOPSIS

       secvpn [-v][-n][-s][-r] start|stop|routedel|routeadd|test|status [Host]

DESCRIPTION

       Secvpn  builds  a  virtual  private  network  (vpn)   as   defined   in
       /etc/network/secvpn.conf.   The   vpn  uses  encryption  based  on  ssh
       security.

       Before svpn can be used you have to enable  automatic  ssh  access  for
       user "secvpn" from the initiator secvpn pc to the target secvpn pc. Use
       authorized_ keys or RhostsRSAAuthentication with the .shosts file. Have
       a look to the ssh - manpages for more informations.

       The following subcommands may be used with secvpn:

       start  is  used  to  start  the vpn. Secvpn will add new ppp interfaces
              necessary to make the vpn work, but will not  automatically  add
              routes  (see the routeadd option below). If the recursive option
              is set, secvpn will log into the passive hosts and  run  "secvpn
              -r start" on them too.

       stop   is used to stop the vpn.

       routeadd
              is  used  to  setup  new  routing  entries based on secvpn.conf.
              Secvpn will first add the route active->passive, then  tell  the
              passive  host  to  add the route back.  The route in the passive
              host will be added according to the configuration file there (in
              the  passive host), so if the configuration files differ, things
              will not work.

       routedel
              will delete the routing entries built with routeadd.

       test   checks whether the ppp interface is used to reach O_CRYPT_IP.

       status same as test, but checks all vpns if no host is  named  (instead
              of only active vpns as ’test’ does).

OPTIONS

       -v     verbose output

       -n     do nothing

       -s     be silent

       -r     work recursive

EXAMPLES

       There are 3 examples in /usr/share/doc/secvpn/examples:

       Example1: secvpn acts as router connection 2 subnets

       Example2: secvpn having one lan-card and connect 2 subnets

       Example3:  secvpn  having one lan-card and connect 11 subnets in a tree
       structure

OTHER

       To have real security it is necessary to secure each secvpn host and to
       have  firewalls  on each secvpn host allowing only selected IP-Adresses
       and Ports to pass through the VPN.

AUTHOR

       Bernd Schumacher, HP Consulting,  HEWLETT-PACKARD  GmbH,  Bad  Homburg,
       2000-2005

COPYRIGHT

       Copyright: Most recent version of the GPL.

       On  Debian  GNU/Linux  systems,  the  complete  text of the GNU General
       Public License can be found in "/usr/share/common-licenses/GPL".

SEE ALSO

       secvpn(1) secvpnmon(1) ssh(1) timeout(1) secvpn.conf(4)