sessionStats - Man Page




Cjdroute always talks to other nodes over a “session” similar to a TLS session. A session is required not only to talk to each peer, but also when talking to intermediate nodes to ask them about their peers when planning a route.

The cjdns protocol offers Perfect Forward Secrecy. Each session has a random symmetric key that encrypts that session. If a node is compromised, the attacker can get the session keys and read current and future sessions. However, the session keys are securely erased when a session is destroyed, so that past sessions (before the compromise) cannot be read. The lifetime of a session is somewhat random. Cjdroute caches recently active sessions, and destroys sessions that have not been used for a while.


Running sessionStats requires admin privilege. The cjdnsadmin lib will try to read /etc/cjdroute.conf for the admin password. This will normally succeed only for root. Otherwise, it tries ~/.cjdnsadmin


~/.cjdnsadmin /etc/cjdroute.conf


If you get a TypeError, you probably have the wrong admin password.


cjdroute(1), peerStats(1)

Referenced By


show cjdns crypto sessions