1sessionStats(1) show cjdns crypto sessions sessionStats(1)
2 SYNOPSIS
6 sessionStats
7 DESCRIPTION
9 Cjdroute always talks to other nodes over a “session” similar to a TLS
10 session. A session is required not only to talk to each peer, but also
11 when talking to intermediate nodes to ask them about their peers when
12 planning a route.
13 The cjdns protocol offers Perfect Forward Secrecy. Each session has a
15 random symmetric key that encrypts that session. If a node is compro‐
16 mised, the attacker can get the session keys and read current and fu‐
17 ture sessions. However, the session keys are securely erased when a
18 session is destroyed, so that past sessions (before the compromise)
19 cannot be read. The lifetime of a session is somewhat random. Cj‐
20 droute caches recently active sessions, and destroys sessions that have
21 not been used for a while.
22 USAGE
24 Running sessionStats requires admin privilege. The cjdnsadmin lib will
25 try to read /etc/cjdroute.conf for the admin password. This will nor‐
26 mally succeed only for root. Otherwise, it tries ~/.cjdnsadmin
27 FILES
29 ~/.cjdnsadmin /etc/cjdroute.conf
30 BUGS
32 If you get a TypeError, you probably have the wrong admin password.
33 SEE ALSO
35 cjdroute(1), peerStats(1)
36 sessionStats(1)