1. That entirely depends on how you have it set up (look at StrictSubnets and TunnelServer). It might also be recommended to have every node re-key itself (http://tinc-vpn.org/security/). 2. No, tinc cannot do this itself. 3. That is not a bad approach.
-----Original Message----- From: tinc [mailto:[email protected]] On Behalf Of Alessandro Briosi Sent: Monday, July 10, 2017 1:43 AM To: [email protected] Subject: Some tinc clatifications Hi all, I'm currently happily using tinc in my networks. I also use OpenVPN based on the customer requirements. I though have some questions which I could not find a clear answer. What I'd like to know is: 1. How to revoke a "node", simply removing the host file on the servers is enough? And one created by invitation? 2. Is there a way to let tinc ask for a username/password (like it's possible with OpenVPN)? (I know this might be complicated as one would have to have a centralized or synced user db, but that's not tinc business anyway). 3. Suppose I have 3 or more tinc "servers", is it suggested that the "hosts" directory be synced between thoose hosts? Thank you. Alessandro _______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc _______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
