Home » Mailing list archives » openbsd-misc » 2007 » September » 13

ipsec.conf - format of key specification

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Jeff Simmons <jsimmons@...>
To: <misc@...>
Subject: ipsec.conf - format of key specification
Date: Thursday, September 13, 2007 - 2:43 pm

What is the proper format for entering manual keys directly into the

ipsec.conf file?


Test file ipsec.test:


esp from 10.0.0.1 to 10.0.1.1 \

spi 0x00001011:0x00001010 \

auth hmac-sha1 enc aes \

authkey "1234567890123456789012345678901234567890" \

enckey "12345678901234567890123456789012" \


# ipsecctl -n -f ipsec.test

ipsec.test: 5: no authentication key specified

ipsecctl: Syntax error in config file: ipsec rules not loaded


The same happens if the key is specified:


12345678901234567890123456789012

0x12345678901234567890123456789012

"0x12345678901234567890123456789012"


The man page only specifies a 'hexadecimal string'. The same thing happens if

the key is entered into a file and the 'authkey file' directive is used. Any

help would be appreciated.


--

Jeff Simmons                                   jsimmons@goblin.punk.net

Simmons Consulting - Network Engineering, Administration, Security

"You guys, I don't hear any noise.  Are you sure you're doing it right?"

        --  My Life With The Thrill Kill Kult
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
ipsec.conf - format of key specification, Jeff Simmons, (Thu Sep 13, 2:43 pm)
Re: ipsec.conf - format of key specification, Stuart Henderson, (Thu Sep 13, 3:58 pm)