From 054fb7f6f636ebe47b3bb5c69b9a614770151bb6 Mon Sep 17 00:00:00 2001 From: Niels Provos Date: Thu, 24 Jul 1997 23:47:22 +0000 Subject: new symmetric identity choice. fix bug with expired exchange values on multiple exchanges. a bit more documentation. drop -f flag and have -c with opposite meaning instead. include responder offered schemes into responder cookie calculation. --- sbin/ipsec/startkey/startkey.1 | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'sbin/ipsec/startkey') diff --git a/sbin/ipsec/startkey/startkey.1 b/sbin/ipsec/startkey/startkey.1 index 689d2e2254d..b08d7b4b796 100644 --- a/sbin/ipsec/startkey/startkey.1 +++ b/sbin/ipsec/startkey/startkey.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: startkey.1,v 1.2 1997/07/23 12:28:57 provos Exp $ +.\" $OpenBSD: startkey.1,v 1.3 1997/07/24 23:47:21 provos Exp $ .\" Copyright 1997 Niels Provos .\" All rights reserved. .\" @@ -61,7 +61,9 @@ The options .Nm port , .Nm options , .Nm tsrc , -.Nm tdsr +.Nm tdsr , +.Nm exchange_lifetime , +.Nm spi_lifetime and .Nm user are understood by the daemon. @@ -84,6 +86,11 @@ for the tunnel to be created. .It tdst The destination address with netmask for which packets are accepted for the tunnel being created. +.It exchange_lifetime +Determines the lifetime of the exchange. After an exchange expires +no new SPIs are created. +.It spi_lifetime +Determines the lifetime of each created SPI in the exchange. .It user The user name for whom the keying shall be done. Preconfigured secrets are taken from the users secret file. -- cgit v1.2.3