IPsec and fixed keys
I want to set up IPsec with manual keying (not using isakmpd at all).
So, I set up something as:
host01 /etc>cat ipsec.conf
#
# Set up a tunnel using static keying:
#
flow esp from 192.168.1.0/24 to 192.168.2.0/24 peer 10.10.10.2
esp from 10.10.10.1 to 10.10.10.2 spi 0xabd9da39:0xc9dbb83d \
authkey 0x54....something_hex...:0x.....something_hex... \
enckey 0x...some_hex....:0x...some_hex......
And it works fine.
Now I want to put the keys into separate files, and my question is: how do I create the files for authkey and enckey?
It is NOT working for me, when I set up something as:
cat /etc/authkey.txt
0xaaaa........:0xbbbbbb...... (all is one line, keys separated by : )
or:
0xaaaa....... (two lines)
0xbbbb......
or:
aaaa....
bbbb...
What is the right syntax for these two files? I can't find any example :-(
Of course, ipsec.conf is now:
flow esp from 192.168.1.0/24 to 192.168.2.0/24 peer 10.10.10.2
esp from 10.10.10.1 to 10.10.10.2 spi 0xabd9da39:0xc9dbb83d \
authkey file "/etc/authkey.txt" enckey file "/etc/enckey.txt"