1SESSIONSTATS(1)                                                SESSIONSTATS(1)
2
3
4

NAME

6       sessionStats -- show cjdns crypto sessions
7

SYNOPSIS

9       sessionStats
10

DESCRIPTION

12       Cjdroute  always talks to other nodes over a "session" similar to a TLS
13       session.  A session is required not only to talk to each peer, but also
14       when  talking  to intermediate nodes to ask them about their peers when
15       planning a route.
16
17       The cjdns protocol offers Perfect Forward Secrecy.  Each session has  a
18       random  symmetric key that encrypts that session.  If a node is compro‐
19       mised, the attacker can get the  session  keys  and  read  current  and
20       future  sessions.  However, the session keys are securely erased when a
21       session is destroyed, so that past  sessions  (before  the  compromise)
22       cannot  be  read.   The  lifetime  of  a  session  is  somewhat random.
23       Cjdroute caches recently active sessions, and  destroys  sessions  that
24       have not been used for a while.
25

USAGE

27       Running sessionStats requires admin privilege.  The cjdnsadmin lib will
28       try to read /etc/cjdroute.conf for the admin password.  This will  nor‐
29       mally succeed only for root.  Otherwise, it tries ~/.cjdnsadmin
30

FILES

32       ~/.cjdnsadmin /etc/cjdroute.conf
33

BUGS

35       If you get a TypeError, you probably have the wrong admin password.
36

SEE ALSO

38       cjdroute(1), peerStats(1)
39
40
41
42                                   May 2019                    SESSIONSTATS(1)
Impressum