From: Steffan Karger <steffan@karger.me>
Date: Sun, 25 Dec 2016 22:02:14 +0000 (+0100)
Subject: man: encourage user to read on about --tls-crypt
X-Git-Tag: v2.4.0~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ebd24617f97c63fbe40a07e855ae3469f96474d7;p=thirdparty%2Fopenvpn.git

man: encourage user to read on about --tls-crypt

As suggested by krzee in trac #790, refer to the --tls-crypt option
form the --tls-auth section of the man page, to encourage users to
check out the --tls-crypt feature.

Trac: #790
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1482703334-18949-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13713.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
(cherry picked from commit 403dfe1bfdbdf6e5f8abac3401a96852562aec54)
---

diff --git a/doc/openvpn.8 b/doc/openvpn.8
index b1bb39c72..eb85d2330 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -5036,6 +5036,11 @@ key file used with
 .B \-\-tls\-auth
 gives a peer nothing more than the power to initiate a TLS
 handshake.  It is not used to encrypt or authenticate any tunnel data.
+
+Use
+.B \-\-tls\-crypt
+instead if you want to use the key file to not only authenticate, but also
+encrypt the TLS control channel.
 .\"*********************************************************
 .TP
 .B \-\-tls\-crypt keyfile