DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 18th February 2014
igy01 igy01 is offline
Port Guard
 
Join Date: Jan 2011
Posts: 17
Thanked 0 Times in 0 Posts
Default IPsec and fixed keys

I want to set up IPsec & manual keying (not use isakmpd at all)

So, I set up something as:

host01 /etc>cat ipsec.conf
#
# Set up a tunnel using static keying:
#

flow esp from 192.168.1.0/24 to 192.168.2.0/24 peer 10.10.10.2

esp from 10.10.10.1 to 10.10.10.2 spi 0xabd9da39:0xc9dbb83d \
authkey 0x54....somethnig_hex...:0x.....something_hex... \
enckey 0x...some_hex....:0x...some_hex......

And it works fine.

Now I want tu put keys into separate files, and my question is, how to create files for authkey i enckey?

It is NOT working for me, when I set up something as:

cat /etc/authkey.txt
0xaaaa........:0xbbbbbb...... (all is one line, keys separated by : )

or:

0xaaaa....... (two lines)
0xbbbb......

or:

aaaa....
bbbb...


what is the right syntax for this two files? I cant find any example :-(


Of course, ipsec.conf is now:

flow esp from 192.168.1.0/24 to 192.168.2.0/24 peer 10.10.10.2

esp from 10.10.10.1 to 10.10.10.2 spi 0xabd9da39:0xc9dbb83d \
authkey file "/etc/authkey.txt" enckey file "/etc/enckey.txt"
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh keys barti OpenBSD Security 1 10th August 2012 09:51 AM
RSA keys not as random as they should be J65nko News 1 16th February 2012 10:09 PM
ncurses & function keys JimC OpenBSD General 1 24th October 2011 02:36 PM
Creative uses for SSH and SSH keys backrow Off-Topic 1 21st June 2010 01:09 AM
arrow keys in X idefix FreeBSD General 8 25th September 2009 08:16 AM


All times are GMT. The time now is 02:30 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick