[Openswan Users]

Norman Rasmussen norman at rasmussen.co.za
Wed May 10 00:05:04 CEST 2006

woops - please use reply all, i missed the first time around :-)

On 5/9/06, Shalini Tadimeti <shalinitadimeti at yahoo.co.in> wrote:
> Can you please elaborate more about XAUTH? Its for
> extra authentication , but what is PAM? XAUTH is used
> more along with PAM.

XAUTH is an extra step of authentication users, see
http://wiki.openswan.org/index.php/XAUTH%20authenticator for some
info.  I've never used openswan's XAUTH (server or client side), my
only experience is using CheckPoint's client (with a Nokia server - I
think).  CheckPoint have an 'altered' XAUTH authentication protocol,
which openswan doesn't support (although there are some 3rd party
client only patches available)

> I want to send some data before IPSEC SA ( Security
> Association) is established in Openswan.What I want to
> know is how to go about it , what files do I need to
> go through in Openswan and what kind of changes do I
> do?

If you're looking to send a username + password combination then XAUTH
is what you want.  If you're looking to send machine name, maybe
assume that's the username or something.

- Norman Rasmussen
 - Email: norman at rasmussen.co.za
 - Home page: http://norman.rasmussen.co.za/

More information about the Users mailing list