FreeS/WAN pre-shared keys
Jimen Ching
jching at flex.com
Sat May 5 13:33:57 PDT 2001
On Sat, 5 May 2001, Deven Phillips, CISSP wrote:
> You need to pre-share the public keys. This is done by taking the
>public keys and placing them into your connection settings like so:
>
> leftrsasigkey=<Your left side public key>
> rightrsasigkey=<Your right side public key>
>
> This is to ensure that the connection is not being spoofed. If you use
>internet negotiated keys, there is always the chance that someone could
>send you false keys, and then eavesdrop on your session.
I am using PSK for authentication, do I need to do this even if I do not
have a secret for RSA sig? Do I need to put an RSA key in my ipsec.secret
file? I also assume the rightrsasigkey is from work? They did not give
me one. They told me they are using PSK.
--jc
--
Jimen Ching (WH6BRR) jching at flex.com wh6brr at uhm.ampr.org
More information about the LUAU
mailing list