Scroll to navigation

GVPECTRL(8) GNU Virtual Private Ethernet GVPECTRL(8)


"gvpectrl" - GNU Virtual Private Ethernet Control Program


gvpectrl [-ckgs] [--config=DIR] [--generate-keys] [--help] [--kill[=SIGNAL]] [--show-config] [--version]


This is the control program for the gvpe, the virtual private ethernet daemon.


Read configuration options from DIR.
Generates a single RSA key-pair. The public key will be stored in path while the private key will be stored in path .privkey. Neither file must be non-empty for this to succeed.

The public key file path is normally copied to pubkey/nodename in the config directory on all nodes, while the private key path.privkey should be copied to the file hostkey on the node the key is for.

It's recommended to generate the keypair on the node where it will be used, so that the private key file does not have to travel over the network.

Generate public/private RSA key-pairs for all nodes not having a key and exit.

Note that in normal configurations this will fail, as there cna only be one private key per host. To make this configuration work you need to specify separate keyfiles for hostkeys in your config file, e.g.:

   private-key = hostkeys/%s

Such a configuration makes it easier to distribute a configuration centrally but requires private keys to be transported securely over the network.

Suppresses messages the author finds nonessential for scripting purposes.
Display short list of options.
Attempt to kill a running gvpectrl (optionally with the specified SIGNAL instead of SIGTERM) and exit.
Show a summary of the configuration, and how gvpe interprets it. Can also be very useful when designing firewall scripts.
Output version information and exit.


If you find any bugs, report them to


gvpe(5), gvpe.conf(5), gvpe(8).

GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions; see the file COPYING for details.


Marc Lehmann <>.

2016-11-02 2.25