1sessionStats(1)           show cjdns crypto sessions           sessionStats(1)
2
3
4
5   SYNOPSIS
6       sessionStats
7
8   DESCRIPTION
9       Cjdroute  always talks to other nodes over a “session” similar to a TLS
10       session.  A session is required not only to talk to each peer, but also
11       when  talking  to intermediate nodes to ask them about their peers when
12       planning a route.
13
14       The cjdns protocol offers Perfect Forward Secrecy.  Each session has  a
15       random  symmetric key that encrypts that session.  If a node is compro‐
16       mised, the attacker can get the session keys and read current  and  fu‐
17       ture  sessions.   However,  the session keys are securely erased when a
18       session is destroyed, so that past  sessions  (before  the  compromise)
19       cannot  be  read.   The  lifetime of a session is somewhat random.  Cj‐
20       droute caches recently active sessions, and destroys sessions that have
21       not been used for a while.
22
23   USAGE
24       Running sessionStats requires admin privilege.  The cjdnsadmin lib will
25       try to read /etc/cjdroute.conf for the admin password.  This will  nor‐
26       mally succeed only for root.  Otherwise, it tries ~/.cjdnsadmin
27
28   FILES
29       ~/.cjdnsadmin /etc/cjdroute.conf
30
31   BUGS
32       If you get a TypeError, you probably have the wrong admin password.
33
34   SEE ALSO
35       cjdroute(1), peerStats(1)
36
37
38
39                                                               sessionStats(1)
Impressum