1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
<?xml version="1.0" standalone='no'?>
<!DOCTYPE manpage SYSTEM "man.dtd">
<?xml-stylesheet type="text/xsl" href="man.xsl" ?>
<!-- $Id$ -->
<!--
This file is part of aeswepd.
aeswepd is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
aeswepd is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public License
along with aeswepd; if not, write to the Free Software Foundation,
Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
-->
<manpage name="aeswepd" section="8" desc="AES Rekeying Daemon for IEEE 802.11 WEP">
<synopsis>
<cmd>aeswepd [<arg>options</arg>]</cmd>
<cmd>aeswepls [<arg>options</arg>]</cmd>
</synopsis>
<description>
<p>aeswepd is UNIX daemon for changing WEP keys of WLAN devices
in constant intervals. The WEP keys are calculated by encrypting
the current UNIX time using the AES cypher with a given constant
key. aeswepd is intended to increase the security of the
hardware based, standards compliant WEP technology. </p>
<p>aeswepd may use up to three hardware WEP keys: the first is
set to the current, the second to the previous and the third to
the next key. This is useful when working with not completely
synchronized RTCs. If only a single hardware WEP key is used, you
have to synchronize your RTCs so that no connectivity interrupts
may occur.</p>
<p>Currently, aeswepd is able to modify the WEP keys of local
network devices providing the Linux wireless extensions only.</p>
<p>aeswepls may be used to query the current keys of a running
daemon for the specified interface.</p>
</description>
<options>
<option>
<p><opt>-n | --no-daemon</opt></p>
<optdesc><p>
Do not daemonize (for debugging) (default: off)
</p></optdesc>
</option>
<option>
<p><opt>-s | --no-syslog</opt></p>
<optdesc><p>
Do not use syslog, use stdout instead (for debugging) (default: off).
</p></optdesc>
</option>
<option>
<p><opt>-i | --iface=</opt> <arg>IFACE</arg></p>
<optdesc><p>
Specify ethernet interface (default: eth0)
</p></optdesc>
</option>
<option>
<p><opt>-w | --wait-on-fork</opt></p>
<optdesc><p> When daemonizing, wait until the background
process finished with the initial link beat detection. When
this is enabled, the parent process will return the link
status on exit. 1 means link beat detected, 2 stands for link
beat not detected, everything else is an error.
</p></optdesc>
</option>
<option>
<p><opt>-t | --rekey-time=</opt> <arg>SEC</arg></p>
<optdesc><p>Specify the rekeying interval in seconds.</p></optdesc>
</option>
<option>
<p><opt>-K | --key</opt> <arg>KEY</arg></p>
<optdesc><p>Specify the AES key to use. Don't use this options, since users may get access to the key by running <file>ps</file>.</p></optdesc>
</option>
<option>
<p><opt>-E | --keye-env</opt> <arg>ENV</arg></p>
<optdesc><p>Specify an environment variable to read the AES key to use from.</p></optdesc>
</option>
<option>
<p><opt>-F | --key-file</opt> <arg>FILE</arg></p>
<optdesc><p>Specify a file to read the AES key to use from.</p></optdesc>
</option>
<option>
<p><opt>-m | --max-keys=</opt> <arg>NR</arg></p>
<optdesc><p>Specify how many hardware WEP keys are to be used
by aeswepd. Currently only 1 and 3 are supported. Most 802.11
hardware is capable to use up to four distinct WEP keys
concurrently.</p></optdesc>
</option>
<option>
<p><opt>-l | --list-keys</opt></p>
<optdesc><p>Show keys of running daemon for the specified interface. This is implied if the binary is called as <file>aeswepls</file></p></optdesc>
</option>
<option>
<p><opt>-h | --help</opt></p>
<optdesc><p>
Show help
</p></optdesc>
</option>
<option>
<p><opt>-k | --kill</opt></p>
<optdesc><p>
Kill a running daemon (Specify -i to select the daemon instance to kill)
</p></optdesc>
</option>
<option>
<p><opt>-c | --check-running</opt></p>
<optdesc><p>
Check if a daemon is running for a given network interface. Sets the return value to 0 if a daemon is already running or to 255 if not.
</p></optdesc>
</option>
<option>
<p><opt>-v | --version</opt></p>
<optdesc><p>
Show version
</p></optdesc>
</option>
</options>
<section name="Signals">
<p><arg>SIGINT, SIGTERM, SIGTQUIT</arg> aeswepd will quit. This is issued by passing -k to aeswepd.</p>
<p><arg>SIGHUP</arg> aeswepd will rekey immediately.</p>
</section>
<section name="Author">
<p>aeswepd was written by Lennart Poettering
<@PACKAGE_BUGREPORT@>. aeswepd is available
at <url
href="@PACKAGE_URL@"/>
</p>
</section>
<section name="See also">
<p>
<manref name="waproamd" section="8"/>, <manref name="iwconfig" section="8"/>
</p>
</section>
<section name="Comments">
<p>This man page was written using <manref name="xmltoman" section="1"
href="http://masqmail.cx/xml2man/"/> by Oliver Kurth.</p>
</section>
</manpage>
|