On Fri, Nov 27, 2020 at 02:28:42PM +0000, Stuart Henderson wrote: > On 2020/11/27 14:17, Jason McIntyre wrote: > > On Fri, Nov 27, 2020 at 02:09:57PM +0000, Stuart Henderson wrote: > > > On 2020/11/27 13:41, Jason McIntyre wrote: > > > > > +++ wg.4 27 Nov 2020 12:28:32 -0000 > > > > > @@ -64,6 +64,9 @@ interface may be configured to recognise > > > > > .It Key > > > > > Each peer uses its private key and corresponding public key to > > > > > identify itself to others. > > > > > +The public key may be displayed by running > > > > > +.Xr ifconfig 8 > > > > > +as root after configuring the private key. > > > > > A peer configures a > > > > > .Nm wg > > > > > interface with its own private key and with the public keys of its > > > > > peers. > > > > > > > > i'm not sure about this text. wouldn;t the "Keys" section make more > > > > sense? the "Keys" section itself says: > > > > > > > > When an interface has a private key set with wgkey, the > > > > corresponding public key is shown in the status output of > > > > the interface, like so: > > > > > > > > wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps= > > > > > > > > maybe we should just elaborate here? > > > > > > Ah yes, that does seem a better place, maybe this helps, though > > > perhaps the addition to the example script is enough to give the > > > hint anyway. > > > > > > Index: man4/wg.4 > > > =================================================================== > > > RCS file: /cvs/src/share/man/man4/wg.4,v > > > retrieving revision 1.7 > > > diff -u -p -r1.7 wg.4 > > > --- man4/wg.4 27 Nov 2020 14:04:49 -0000 1.7 > > > +++ man4/wg.4 27 Nov 2020 14:08:56 -0000 > > > @@ -124,7 +124,10 @@ will accept any random 32-byte base64 st > > > When an interface has a private key set with > > > .Nm wgkey , > > > the corresponding > > > -public key is shown in the status output of the interface, like so: > > > +public key is shown in the status output of the interface > > > +displayed by > > > +.Xr ifconfig 8 > > > +when run as root, like so: > > > .Bd -literal -offset indent > > > wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps= > > > .Ed > > > > > > > > > > fine by me. i tried to think if we had any precedent in the man pages > > for this, where output is exposed by root, but couldn't. i thought our > > wireless interfaces did sth like that. > > > > i also tried to shorten your text but couldn;t come up with anything > > better. > > so ok. > > jmc > > > > Alternatively: > > Index: wg.4 > =================================================================== > RCS file: /cvs/src/share/man/man4/wg.4,v > retrieving revision 1.7 > diff -u -p -r1.7 wg.4 > --- wg.4 27 Nov 2020 14:04:49 -0000 1.7 > +++ wg.4 27 Nov 2020 14:28:03 -0000 > @@ -125,8 +125,9 @@ When an interface has a private key set > .Nm wgkey , > the corresponding > public key is shown in the status output of the interface, like so: > -.Bd -literal -offset indent > -wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps= > +.Bd -literal > +# ifconfig wg1 | grep wgpubkey > + wgpubkey NW5l2q2MArV5ZXpVXSZwBOyqhohOf8ImDgUB+jPtJps= > .Ed > .Sh EXAMPLES > Create two >
this is shorter (good), but less explicit about the need for root (less good). i guess it's a trade off. i think on balance i like the way you've done it here, but i'm fine either way. i'd remove ", like so" though. also i don;t think you should remove the indent - it would make the openssl example above it look wonky. jmc