man: encourage user to read on about --tls-crypt

As suggested by krzee in trac #790, refer to the --tls-crypt option
form the --tls-auth section of the man page, to encourage users to
check out the --tls-crypt feature.

Trac: #790
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1482703334-18949-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13713.html
Signed-off-by: David Sommerseth <davids@openvpn.net>

diff --git a/doc/openvpn.8 b/doc/openvpn.8
index b1bb39c720c853044bb8d25c0fc52b808ba0e48a..eb85d233060ff5ad12e11161b7cf2c4ea7d468d1 100644 (file)
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -5036,6 +5036,11 @@ key file used with
 .B \-\-tls\-auth
 gives a peer nothing more than the power to initiate a TLS
 handshake.  It is not used to encrypt or authenticate any tunnel data.
+
+Use
+.B \-\-tls\-crypt
+instead if you want to use the key file to not only authenticate, but also
+encrypt the TLS control channel.
 .\"*********************************************************
 .TP
 .B \-\-tls\-crypt keyfile