Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
Tor
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Silvio Rhatto
Tor
Commits
fb64c55c
Commit
fb64c55c
authored
9 years ago
by
Nick Mathewson
Browse files
Options
Downloads
Patches
Plain Diff
Add descriptions for --keygen to the manpage
Based on text from s7r
parent
534a0ba5
No related branches found
No related tags found
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
changes/bug17583
+4
-0
4 additions, 0 deletions
changes/bug17583
doc/tor.1.txt
+27
-2
27 additions, 2 deletions
doc/tor.1.txt
with
31 additions
and
2 deletions
changes/bug17583
0 → 100644
+
4
−
0
View file @
fb64c55c
o Documentation:
- Add a description of the correct use of the '--keygen' command-line
option. Closes ticket 17583; based on text by 's7r'.
This diff is collapsed.
Click to expand it.
doc/tor.1.txt
+
27
−
2
View file @
fb64c55c
...
...
@@ -95,6 +95,30 @@ COMMAND-LINE OPTIONS
which tells Tor to only send warnings and errors to the console, or with
the **--quiet** option, which tells Tor not to log to the console at all.
[[opt-keygen]] **--keygen** [**--newpass**]
Running "tor --keygen" creates a new ed25519 master identity key for a
relay, or only a fresh temporary signing key and certificate, if you
already have a master key. Optionally you can encrypt the master identity
key with a passphrase: Tor will ask you for one. If you don't want to
encrypt the master key, just don't enter any passphrase when asked. +
+
The **--newpass** option should be used with --keygen only when you need
to add, change, or remove a passphrase on an existing ed25519 master
identity key. You will be prompted for the old passphase (if any),
and the new passphrase (if any). +
+
When generating a master key, you will probably want to use
**--DataDirectory** to control where the keys
and certificates will be stored, and **--SigningKeyLifetime** to
control their lifetimes. Their behavior is as documented in the
server options section below. (You must have write access to the specified
DataDirectory.) +
+
To use the generated files, you must copy them to the DataDirectory/keys
directory of your Tor daemon, and make sure that they are owned by the
user actually running the Tor daemon on your system.
Other options can be specified on the command-line in the format "--option
value", in the format "option value", or in a configuration file. For
instance, you can tell Tor to start listening for SOCKS connections on port
...
...
@@ -1908,8 +1932,9 @@ is non-zero):
[[OfflineMasterKey]] **OfflineMasterKey** **0**|**1**::
If non-zero, the Tor relay will never generate or load its master secret
key. Instead, you'll have to use "tor --keygen" to manage the master
secret key. (Default: 0)
key. Instead, you'll have to use "tor --keygen" to manage the permanent
ed25519 master identity key, as well as the corresponding temporary
signing keys and certificates. (Default: 0)
DIRECTORY SERVER OPTIONS
------------------------
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
