[Openswan Users] Debian packages needed.
Rene Mayrhofer
rene.mayrhofer at gibraltar.at
Fri Oct 8 01:28:29 CEST 2004
Paul Wouters wrote:
> # RSA private key for this host, authenticating it to any other host
> # which knows the public part. Suitable public keys, for ipsec.conf, DNS,
> # or configuration of other implementations, can be extracted conveniently
> # with "[sums to ef67...]".
> : RSA {
> /tmp/ipsec-postinst.be0f9Q
> }
> : RSA {
> /tmp/ipsec-postinst.bISzH8
> }
> : RSA {
> /tmp/ipsec-postinst.XlsM2g
>
> This looks very odd to me. It seems the debian installer tried to do
> something
> but failed to do it properly. I've CC:ed Rene on this message, perhaps
> he can fix this problem.
He already did ;-)
This is a known issue with earlier versions of the openswan package when
creating plain RSA keys instead of using X.509 certificates (which is
what I am using myself and thus testing far more thoroughly than the
auto-creation of plain RSA keys). Sorry for that issue, it has been
caused by a cut&paste error when converting the postinst script from
freeswan to openswan. Please update to the current version from Debian
unstable (2.2.0-4) to fix the issue. Unfortunately a broken file will
not get fixed automatically, so the simplest method is to dpkg --purge
it (which should remove /etc/ipsec.secrets) and re-install the new package.
Hope this helps,
Rene
More information about the Users
mailing list