This is the README file for tinc version 1.0.36. Installation
instructions may be found in the INSTALL file.

tinc is Copyright (C) 1998-2019 by:

Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>,
and others.

For a complete list of authors see the AUTHORS file.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version. See the file COPYING for more details.


Security statement
------------------

In August 2000, we discovered the existence of a security hole in all versions
of tinc up to and including 1.0pre2. This had to do with the way we exchanged
keys. Since then, we have been working on a new authentication scheme to make
tinc as secure as possible. The current version uses the OpenSSL library and
uses strong authentication with RSA keys.

On the 29th of December 2001, Jerome Etienne posted a security analysis of tinc
1.0pre4. Due to a lack of sequence numbers and a message authentication code
for each packet, an attacker could possibly disrupt certain network services or
launch a denial of service attack by replaying intercepted packets. The current
version adds sequence numbers and message authentication codes to prevent such
attacks.

On September the 15th of 2003, Peter Gutmann contacted us and showed us a
writeup describing various security issues in several VPN daemons. He showed
that tinc lacks perfect forward secrecy, that the connection authentication could
be done more properly, that the sequence number we use as an IV is not the best
practice and that the default length of the HMAC for packets is too short in
his opinion. We do not know of a way to exploit these weaknesses, but these
issues are being addressed in the tinc 1.1 branch.

The Sweet32 attack affects versions of tinc prior to 1.0.30.

On September 6th, 2018, Michael Yonly contacted us and provided
proof-of-concept code that allowed a remote attacker to create an
authenticated, one-way connection with a node, and also showed that there was a
possibility for a man-in-the-middle to force UDP packets from a node to be sent
in plaintext. The first issue was trivial to exploit on tinc versions prior to
1.0.30, but the changes in 1.0.30 to mitigate the Sweet32 attack made this
weakness much harder to exploit. These issues have been fixed in tinc 1.0.35.
The new protocol in the tinc 1.1 branch is not susceptible to these issues.

Cryptography is a hard thing to get right. We cannot make any
guarantees. Time, review and feedback are the only things that can
prove the security of any cryptographic product. If you wish to review
tinc or give us feedback, you are strongly encouraged to do so.


Compatibility
-------------

Version 1.0.35 is compatible with 1.0pre8, 1.0 and later, but not with older
versions of tinc. Note that since version 1.0.30, tinc requires all nodes in
the VPN to be compiled with a version of LibreSSL or OpenSSL that supports the
AES256 and SHA256 algorithms.


Requirements
------------

The OpenSSL library is used for all cryptographic functions. You can find it at
https://www.openssl.org/. You will need version 1.0.1 or later with support for
AES256 and SHA256 enabled. If this library is not installed on your system, the
configure script will fail. The manual in doc/tinc.texi contains more detailed
information on how to install this library. Alternatively, you may also use the
LibreSSL library.

The zlib library is used for optional compression. You can
find it at https://zlib.net/. Because of a possible exploit in
earlier versions, we recommend that you download version 1.1.4 or later.

The LZO library is also used for optional compression. You can
find it at https://www.oberhumer.com/opensource/lzo/.

In order to compile tinc, you will need a C99-compliant compiler.


Features
--------

This version of tinc supports multiple virtual networks at once. To
use this feature, you may supply a netname via the -n or --net
options. The standard location for the config files will then be
/etc/tinc/<net>/.

tincd regenerates its encryption key pairs. It does this on the first
activity after the keys have expired. This period is adjustable in the
configuration file, and the default time is 3600 seconds (one hour).

This version supports multiple subnets at once. They are also sorted
on subnet mask size. This means that it is possible to have
overlapping subnets on the VPN, as long as their subnet mask sizes
differ.

Since pre5, tinc can operate in several routing modes. The default mode,
"router", works exactly like the older version, and uses Subnet lines to
determine the destination of packets. The other two modes, "switch" and "hub",
allow the tinc daemons to work together like a single network switch or hub.
This is useful for bridging networks. The latter modes only work properly on
Linux, FreeBSD and Windows.

The algorithms used for encryption and generating message authentication codes
can now be changed in the configuration files. All cipher and digest algorithms
supported by OpenSSL can be used. Useful ciphers are "blowfish" (default),
"bf-ofb", "des", "des3", et cetera. Useful digests are "sha1" (default), "md5",
et cetera.

Support for routing IPv6 packets has been added. Just add Subnet lines with
IPv6 addresses (without using :: abbreviations) and use ifconfig or ip (from
the iproute package) to give the virtual network interface corresponding IPv6
addresses. tinc does not provide autoconfiguration for IPv6 hosts. Consider
using radvd or zebra if you need it.
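The subnet paragraphs above describe how Subnet lines are resolved: entries are ordered by mask size, so the most specific (longest mask) subnet containing a destination wins, which is why overlapping subnets are fine as long as their mask sizes differ, and IPv6 subnets must be written without :: abbreviations. The following is an added illustration of that lookup, not code from the tinc distribution; the node names, Subnet values and host-file layout are constructed for the example.

```python
import ipaddress

# Constructed example host files, not from any real tinc deployment: each
# node's Subnet lines as tinc would read them from /etc/tinc/<net>/hosts/<node>.
HOSTS = {
    "alpha": ["Subnet = 10.0.0.0/16", "Subnet = 2001:db8:0:1:0:0:0:0/64"],
    "beta":  ["Subnet = 10.0.5.0/24"],   # overlaps alpha, but with a longer mask
    "gamma": ["Subnet = 10.0.5.7/32"],   # a single host inside beta's range
}

def parse_subnet(line):
    """Parse one 'Subnet = <address>/<prefixlen>' line into an ip_network.
    IPv6 must be written out in full for tinc 1.0, so a '::' abbreviation
    is rejected as a configuration error rather than silently expanded."""
    key, _, value = line.partition("=")
    if key.strip() != "Subnet":
        raise ValueError(f"not a Subnet line: {line!r}")
    value = value.strip()
    if "::" in value:
        raise ValueError(f"IPv6 Subnet uses a '::' abbreviation: {value}")
    return ipaddress.ip_network(value, strict=True)

def build_table(hosts):
    """Return (network, owner) pairs sorted most-specific (longest mask) first.
    Overlapping subnets are fine as long as their mask sizes differ; the same
    network claimed by two nodes has no unique owner and is rejected."""
    owner_of = {}
    for owner, lines in hosts.items():
        for line in lines:
            net = parse_subnet(line)
            if net in owner_of and owner_of[net] != owner:
                raise ValueError(f"{net} claimed by {owner_of[net]} and {owner}")
            owner_of[net] = owner
    return sorted(owner_of.items(), key=lambda e: e[0].prefixlen, reverse=True)

def route(table, dest):
    """Return the node owning the most specific subnet containing dest."""
    addr = ipaddress.ip_address(dest)
    for net, owner in table:
        if addr in net:  # False when address families differ
            return owner
    return None

if __name__ == "__main__":
    table = build_table(HOSTS)
    for dest in ("10.0.5.7", "10.0.5.8", "10.0.9.1", "2001:db8:0:1:0:0:0:42"):
        print(dest, "->", route(table, dest))
```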

It is also possible to make tunnels to other tinc daemons over IPv6 networks,
if the operating system supports IPv6. tinc will automatically use both IPv6
and IPv4 when available, but this can be changed by adding the option
"AddressFamily = ipv4" or "AddressFamily = ipv6" to the tinc.conf file.

Normally, when started, tinc will detach and run in the background. In a native
Windows environment this means tinc will install itself as a service, which will
restart after reboots. To prevent tinc from detaching or running as a service,
use the -D option.