[Openswan Users] querries for DES in openswan
Paul Wouters
paul at xelerance.com
Wed Jun 28 17:18:39 CEST 2006
On Wed, 28 Jun 2006, Souvik Ghosh wrote:
> I am a newbies to ipsec. I need an ipsec distribution that supports DES,
> 3DES, and AES as chipers. I downloaded openswan-2.4.2 but it has no user
> interface for DES. Can anybody please help on this case. How can do it or is
> there any patch available to make it work for DES also ?
Your requirements are wrong. You should not need DES, as DES is completely
broken on modern CPUs. Do not use it. Put your foot down with mangement
and tell them they are wrong.
If that fails, you can tell them you enabled USE_WEAKSTUFF (for 2.4.x)
and NO_CRYPTO (for #public) and explicitely went against the advise of
everyone by enabling -DUSE_1DES programs/pluto/Makefile.
Note that in that configuration, we guarantee you that your VPN is
completely unsafe and can be broken by any amateur with a few PC's.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list