[Openswan Users] Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
Paul Wouters
paul at xelerance.com
Thu Nov 2 16:04:53 EST 2006
On Thu, 2 Nov 2006, André Marascalchi Zenun wrote:
> I finally have my kernel running and OpenSwan 2.4.6 running!
> I just have one issue that I'm not sure if is serious!
>
> When I execute "ipsec verify" I get the following:
>
> Version check and ipsec on-path [OK]
> Linux Openswan U2.4.6/K2.4.7rc2 (klips)
> Checking for IPsec support in kernel [OK]
> Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
> ipsec showhostkey: no default key in "/etc/ipsec.secrets"
> Checking that pluto is running [OK]
> Two or more interfaces found, checking IP forwarding [OK]
> Checking NAT and MASQUERADEing [N/A]
> Checking for 'ip' command [OK]
> Checking for 'iptables' command [OK]
> Opportunistic Encryption Support [DISABLED]
>
> I would like to know why I get this "[DISABLED]" in the RSA private key
> verification!
>
> In the ipsec.secrets I have this:
>
> : RSA /etc/ipsec.d/private/vpnKey.pem
>
> This is the default when I install OpenSwan using APT!
>
> Could some one give some help?
You can ignore the error, or do:
ipsec newhostkey --file /root/tmpkey
cat /root/tmpkey >> /etc/ipsec.secrets
rm /root/tmpkey
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list