Show pagesourceOld revisionsBacklinksBack to top × Table of Contents Tinc Key management Configuration All articles Tinc Tinc provides an open-source L2/L3 VPN implementation. Key management Tinc generally relies on public-key cryptography. It requires to generate a private and public key for each peer and exchange only the public keys. While the private key is best never disclosed outside the peer where it was generated. Configuration The Tinc init script combines both UCI settings and the contents of the /etc/tinc directory to a full configuration located in the /tmp/tinc directory. The Tinc UCI config contains two types of sections: UCI section Mapped config Generated config Description tinc-net /etc/tinc/<NETNAME> /tmp/tinc/<NETNAME>/tinc.conf Defines the VPN network settings. tinc-host /etc/tinc/<NETNAME>/hosts/<NODENAME> /tmp/tinc/<NETNAME>/hosts/<NODENAME> Defines the VPN peer settings. The Tinc keys generated by default: Key file Description /etc/tinc/<NETNAME>/ed25519_key.priv Ed25519 private key. /etc/tinc/<NETNAME>/ed25519_key.pub Ed25519 public key. /etc/tinc/<NETNAME>/rsa_key.priv RSA private key. /etc/tinc/<NETNAME>/rsa_key.pub RSA public key. Public keys for each peer need to be stored either in UCI host sections or in host files using the same format as the generated keys. All articles Documentation User guide Additional services VPN (Virtual Private Network) Tinc Tinc client Tinc extras Tinc server This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.OKMore information about cookies Last modified: 2023/10/31 19:12by vgaetera