[Openswan Users] "ipsec verify"

Paul Wouters paul at xelerance.com
Thu Sep 29 20:01:23 CEST 2005


On Thu, 29 Sep 2005, marcos at dytz.com.br wrote:

> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path                                  	[OK]
> Linux Openswan U2.2.0/K2.00pre1 (klips)

A bit old and mismatched, but probably works.

> Checking for RSA private key (/etc/ipsec/ipsec.secrets)          	[FAILED]
> hostname: invalid option -- -
> BusyBox v1.00 (2005.04.07-12:08+0000) multi-call binary
>
> Usage: hostname [OPTION] {hostname | -F FILE}
>
> awk: xregcomp: Unmatched \{

> Cannot execute command "host -t txt h3600": No such file or directory

> So I went to the "verify" script and found that the error was in "showhostkey"
> in the following line
>
> host="`hostname --fqdn`"
>
> So I rewrote it as
>
> host="`hostname`"
>
> since Busybox seems to not offer the --long/--fqdn option, is that correct?

that's fine.

> But I still couldn't find a way to patch the "awk: xregcomp: Unmatched \{", I
> tried installing AWK, but ipkg tool complained that it is already installed (it
> seems that it comes with Busybox) so anyone would have any idea on what to do to
> "patch" this error? And get a proper result for the RSA key.

you can try installing mawk or gawk packages

> By the way, the ipsec.secrets was changed and some comments were added to it,
> that means that the key file is valid or it has no meaning at all?
>
> As for the OE, there is no host() so I am discarding the MISSING result, but the
> last FAILED (the non-private address one) is a error in the configuration or
> should I not consider it?

ignore all of this.

Paul


More information about the Users mailing list