If you use Debian, you may want to install one of the precompiled packages for your system. These packages are equipped with system startup scripts and sample configurations.
If you cannot use one of the precompiled packages, or you want to compile tinc for yourself, you can use the source. The source is distributed under the GNU General Public License (GPL). Download the source from the download page, which has the checksums of these files listed; you may wish to check these with md5sum before continuing.
tinc comes in a convenient autoconf/automake package, which you can just treat the same as any other package. Which is just untar it, type `configure' and then `make'. More detailed instructions are in the file `INSTALL', which is included in the source distribution.
Detailed instructions on configuring the source, building tinc and installing tinc can be found in the file called `INSTALL'.
If you happen to have a binary package for tinc for your distribution, you can use the package management tools of that distribution to install tinc. The documentation that comes along with your distribution will tell you how to do that.
Before you can run tinc, you must make sure you have all the needed files on your system.
First, you'll need the special device file(s) that form the interface between the kernel and the daemon.
The permissions for these files have to be such that only the super user may read/write to this file. You'd want this, because otherwise eavesdropping would become a bit too easy. This does, however, imply that you'd have to run tincd as root.
If you use Linux and have a kernel version prior to 2.4.0, you have to make the ethertap devices:
mknod -m 600 /dev/tap0 c 36 16 chown 0.0 /dev/tap0 mknod -m 600 /dev/tap1 c 36 17 chown 0.0 /dev/tap0 ... mknod -m 600 /dev/tapN c 36 N+16 chown 0.0 /dev/tapN
There is a maximum of 16 ethertap devices.
If you use the universal tun/tap driver, you have to create the following device file (unless it already exist):
mknod -m 600 /dev/tun c 10 200 chown 0.0 /dev/tun
If you use Linux, and you run the new 2.4 kernel using the devfs filesystem, then the tun/tap device will probably be automatically generated as `/dev/misc/net/tun'.
Unlike the ethertap device, you do not need multiple device files if you are planning to run multiple tinc daemons.
You may add a line to `/etc/networks' so that your VPN will get a symbolic name. For example:
myvpn 10.0.0.0
You may add this line to `/etc/services'. The effect is that you may supply a `tinc' as a valid port number to some programs. The number 655 is registered with the IANA.
tinc 655/tcp TINC tinc 655/udp TINC # Ivo Timmermans <itimmermans@bigfoot.com>
Go to the first, previous, next, last section, table of contents.