1SESSIONSTATS(1) SESSIONSTATS(1)
2
3
4
6 sessionStats -- show cjdns crypto sessions
7
9 sessionStats
10
12 Cjdroute always talks to other nodes over a "session" similar to a TLS
13 session. A session is required not only to talk to each peer, but also
14 when talking to intermediate nodes to ask them about their peers when
15 planning a route.
16
17 The cjdns protocol offers Perfect Forward Secrecy. Each session has a
18 random symmetric key that encrypts that session. If a node is compro‐
19 mised, the attacker can get the session keys and read current and
20 future sessions. However, the session keys are securely erased when a
21 session is destroyed, so that past sessions (before the compromise)
22 cannot be read. The lifetime of a session is somewhat random.
23 Cjdroute caches recently active sessions, and destroys sessions that
24 have not been used for a while.
25
27 Running sessionStats requires admin privilege. The cjdnsadmin lib will
28 try to read /etc/cjdroute.conf for the admin password. This will nor‐
29 mally succeed only for root. Otherwise, it tries ~/.cjdnsadmin
30
32 ~/.cjdnsadmin /etc/cjdroute.conf
33
35 If you get a TypeError, you probably have the wrong admin password.
36
38 cjdroute(1), peerStats(1)
39
40
41
42 May 2019 SESSIONSTATS(1)