similar to: OHM2013

Hi, We just found the tinc, looks like it is really a better VPN solution than traditional VPN, I am wondering, is there some cases we can refer, like is there some big cluster running in the production environment ? Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, Thanks for the link :) I guess we'll just end up having 2 separate VPNs, eventually. Have a good evening! > There is no centralized way to remove a subnet or block a user. A user > is authorized to be on the network by other nodes that have his/her > public key. If you delete the offending host config files and let tinc > reload its configuration, you can remove a bad node

Hi, I allow only TLS/SSL connection to dovecot. The managesieve doesn't work with TLS but it works without it. gladiac at magrathea:~> gnutls-cli -p 2000 -s --insecure -V milliways.cynapses.org Resolving 'milliways.cynapses.org'... Connecting to '213.239.217.124:2000'... - Simple Client Mode: - Received[194]: "IMPLEMENTATION" "dovecot"

Hi! I'm setting up a VPN with friends of mine, and we are currently considering the possibility to opening the subnet to more people. Considering that one day or another we may have to isolate a subnet (because of bad behaviour, or because it has been compromised), which solution(s) would you recommend for such a situation?

Hi all, I need a periodic timer running at ideally at 125 microseconds and at least 500 microseconds. I''ve just found the VCPUOP_set_periodic_timer, however there is a comment saying "periods less than one millisecond may not be supported". I will be running on an x64 machine. Is this supported? If not, is there any alternate means of generating a fast interrupt? Regards.

Hi everyone, I'm interested in using Tinc for building an overlay network on top of a community network. The overlay may consist of some hundreds of nodes, and devices will most probably not be very powerful (Alix or Commell-like or even less). To make the overlay network topology resemble the real one as much as possible, all nodes would ConnectTo all other nodes. Has anyone worked with a

I'm soooo close, but this last little thing is eluding me... I have the following Sieve rule in my global sieve rule: require ["fileinto"]; # Move spam to spam folder if header :contains "X-Spam-Flag" "YES" { fileinto "Junk"; stop; } This isn't firing. The .Junk folder exists under the user directories, but messages that have the

Hi all! Is there any way to make tinc use keys from a keyring or similar? I'm trying to find a way to manage multiple server, making it easier to register a new user to the network. Thanks! -- Martin Iñaki Malerba inakimmalerba at gmail.com inaki at satellogic.com

Hi, I am looking networking together about 1000-2000 sites across the country. I've been looking through these mailing lists. Saw the thread from the person who had 1000+ running on Amazon, and how they essentially stripped all security out of it. Also know that the ChaosVPN uses tinc, for at least 130+ sites although I'm a bit fuzzy on the details for it. Are there any other cases of

Hello dovecot users, I have updated the MANAGESIEVE patch to the latest stable version of dovecot (1.0.7). This new version also adds extra configuration settings to explicitly specify the location of the sieve storage and the active sieve script. Additionally, the README now more clearly explains the configuration of the daemon. It currently won't compile with 1.1 due to significant changes

For some weeks I've been trying to devise a way to connect multiple users in various parts of the city and state, and I found out that most likely Tinc is the only daemon that does the kind of meshing I want. I was successful in connecting some servers of mine around in switch mode, but now comes the hard part: How can I authenticate clients on my network? I would also need to direct static

Hello, I'm looking forward for release 1.1 esp. tincctl. Are there any release plans yet? Thanks, Keep smiling yanosz

TL;DR: a proposal for a new tinc feature that allows nodes to filter ADD_SUBNET messages based on the metaconnection on which they are received, so that nodes can't impersonate each other's VPN Subnets. Similar to StrictSubnets in spirit, but way more flexible. BACKGROUND: THE ISSUE OF TRUST IN A TINC NETWORK In terms of metaconnections (I'm not discussing data tunnels here), one of

I would say the weakest part of the TINC design is the configuration file layout. There is no way to split out the essentially static configuration for all nodes in the cluster and isolate the node specific settings to one configuration file. So that means I have to keep an inventory of configuration files per node so I can edit and deliver them and keep everything straight. The private

Fantastic, having it in the CLI would great. It is for the reason of users losing the pub key that I ask, writing some docs for an internal network. Ah interesting, I finally found openssl does not have the 25519 curve in there(and no plans to do so looks like) but I was not aware there was non standard priv key format either. Would it make sense for the tinc -n <netname> get

Thanks! Will get in touch with the author about the security implications. ---- On Seg, 18 dez 2017 20:03:21 -0200 Azul &lt;mail at azulinho.com&gt; wrote ---- I use https://github.com/JeevesTakesOver/Railtrack/blob/master/README.rst however in my setup I do trust the nodes in the VPN, so this may not exactly work out for what you want I tested ZeroTier for some time

On Mon, Dec 18, 2017 at 11:37 AM, Glauber Ferreira <glaubermmf at gmcomms.com.br> wrote: > What other kind of attacks should I be aware of? > (Impersonation, Any kinds of malicious broadcasts, etc) Possibly relevant: http://www.tinc-vpn.org/pipermail/tinc/2017-May/004864.html Etienne Dechamps wrote: > In general however, I would advise against trusting other nodes, even with >

Hi, I have a strange issue here. I have a large message of a svn commit and the message is cloning itself more and more. I've deleted it several time completely but it doesn't go away. http://www.cynapses.org/tmp/dovecot.png How can I debug it? Thanks, -- andreas milliways:~ # dovecot -n # 1.0.5: /etc/dovecot/dovecot.conf base_dir: /var/run/dovecot/ log_timestamp: %Y-%m-%d %H:%M:%S

On Mon, May 04, 2015 at 08:50:36PM +0200, Anne-Gwenn Kettunen wrote: > Hi! I'm setting up a VPN with friends of mine, and we are currently > considering the possibility to opening the subnet to more people. > Considering that one day or another we may have to isolate a subnet (because > of bad behaviour, or because it has been compromised), which solution(s) > would you

And we'll take a look at Pf & IPTables :) Good evening! >> There is no centralized way to remove a subnet or block a user. A user >> is authorized to be on the network by other nodes that have his/her >> public key. If you delete the offending host config files and let tinc >> reload its configuration, you can remove a bad node from the network. >> >>