[Openswan Users] Problem with _plutorun script

Andreas Steffen andreas.steffen at strongsec.net
Fri Jun 18 16:27:54 CEST 2004 

I suspect that you are using an incorrect syntax
in ipsec.secrets. This has been known to cause crashes of
Pluto. This can happen if you embed the loading of your
private key file into the existing default raw private RSA
key generated by the installation script.

: RSA freeswan-priv.pem
   {
     default raw RSA private key
   }

The correct syntax is

: RSA freeswan-priv.pem

: RSA
    {

    }

or even better delete the default RSA key, since you
usually won't need it. So please check your ipsec.secrets file.

Regards

Andreas

desantis at csr.unibo.it wrote:

> Ih all,
> I istalled on my gateway openswan-2.1.2 and i have a problem with
> "ipsec_plutorun" script.
> 
> this is the auth.log:
> 
> Jun 18 09:51:44 gewbecca pluto[27668]: Starting Pluto (Openswan Version 2.1.2
> X.509-1.4.8 PLUTO_USES_KEYRR)
> Jun 18 09:51:44 gewbecca pluto[27668]:   including NAT-Traversal patch (Version
> 0.6c)
> Jun 18 09:51:44 gewbecca pluto[27668]: Using KLIPS IPsec interface code
> Jun 18 09:51:44 gewbecca pluto[27668]: Changing to directory
> '/etc/ipsec.d/cacerts'
> Jun 18 09:51:44 gewbecca pluto[27668]:   loaded cacert file 'cacert.pem' (997
> bytes)
> Jun 18 09:51:44 gewbecca pluto[27668]: Changing to directory
> '/etc/ipsec.d/crls'
> Jun 18 09:51:44 gewbecca pluto[27668]:   loaded crl file 'crl.pem' (422 bytes)
> Jun 18 09:51:45 gewbecca pluto[27668]: added connection description "sticazzi"
> Jun 18 09:51:45 gewbecca pluto[27668]: added connection description
> "cisbic-filo"
> Jun 18 09:51:45 gewbecca pluto[27668]: added connection description
> "net-to-net"
> Jun 18 09:51:45 gewbecca pluto[27668]: added connection description "giorg"
> Jun 18 09:51:46 gewbecca pluto[27668]: added connection description "fallucch"
> Jun 18 09:51:46 gewbecca pluto[27668]: listening for IKE messages
> Jun 18 09:51:46 gewbecca pluto[27668]: adding interface ipsec0/eth0
> 62.94.168.26
> Jun 18 09:51:46 gewbecca pluto[27668]: adding interface ipsec0/eth0
> 62.94.168.26:4500
> Jun 18 09:51:46 gewbecca pluto[27668]: loading secrets from
> "/etc/ipsec.secrets"
> Jun 18 09:51:46 gewbecca pluto[27668]:   loaded private key file
> '/etc/ipsec.d/private/freeswan-priv.pem' (1594 bytes)
> Jun 18 09:51:57 gewbecca ipsec__plutorun: Restarting Pluto subsystem...
> Jun 18 09:51:57 gewbecca pluto[27943]: Starting Pluto (Openswan Version 2.1.2
> X.509-1.4.8 PLUTO_USES_KEYRR)
> .........................
> 
> and repeat the same lines ( with different PID ) every 10 seconds.
> I can stop freeswan only whit "killall _plutorun".
> 
> What's? is a bug? or is my configuration?
> 
> Thanks to all,
> 
> Filippo

=======================================================================
Andreas Steffen                   e-mail: andreas.steffen at strongsec.com
strongSec GmbH                    home:   http://www.strongsec.com
Alter Zürichweg 20                phone:  +41 1 730 80 64
CH-8952 Schlieren (Switzerland)   fax:    +41 1 730 80 65
==========================================[strong internet security]===


Content Security by MailMarshal

More information about the Users mailing list