[Openswan Users] Private Keys disabled
Marcos Roberto Greiner
rgreiner at usp.br
Mon Jun 11 10:54:38 EDT 2007
Paul Wouters wrote:
> On Mon, 11 Jun 2007, Marcos Roberto Greiner wrote:
>
>> Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
>> ipsec showhostkey: no default key in "/etc/ipsec.secrets"
>
>> the private keys seem to be disabled. In the /etc/ipsec.secrets file, I
>> got the following entry:
>> : RSA /etc/ipsec.d/private/server_nameKey.pem
>
> No, only raw (non-X509 packaged) keys are not installed.
Ok, but how do I fix the message above about the key beeing disabled?
The way it is, when I try 'ipsec showhostkey --left', it gives me:
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
I've tried using 'ipsec newhostkey'and replaced the pre-installed one,
without result. Where do I find documentation about enabling this key,
since the error message says that the key is disabled, not that it
wasn't found?
>
>> PS: A curiosity. I noticed something weird when typing ipsec --help.
>> Some of the available commands seemed duplicated, so I typed ipsec
>> --help|sort, to see if there were more. To my surprise every single
>> command displayed was duplicated. Is that normal? That's the output I
>> received with the sort:
>>
>> server:~# ipsec --help|sort
>>
>> auto
>> auto
>> barf
>> barf
>
> No, that's not normal. Perhaps you have two installs? One in /usr and
> one in /usr/local?
>
> Paul
I've tried uninstalling the openswan and ipsec-tools packages completely
(with apt's --purge option), checked that no ipsec or openswan file was
left, and then proceeded to reinstall. The problem remains :-(
Roberto
--
-----------------------------------------------------
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
Murphy
-----------------------------------------------------
More information about the Users
mailing list