[Openswan Users] key 2048 bit

Sergey V. Stenkin stenkinsv at amteo.ru
Wed Mar 27 06:17:53 UTC 2013


man ipsec_newhostkey

--snip--
The --bits option specifies the number of bits in the key; the current
default is 2192 and we do not recommend use of anything shorter unless
unusual constraints demand it.
--snip--

---
Sergey

26.03.2013 20:27, Salvatore пишет:
> Hi,
> so much time that I do not use openswan and sorry because my question is
> trivial, for years I used the following configuration for a connection vpn
> site-to-site and use a key to 2192 bits, but now I would a 2048-bit key and
> do not know how to generate this key, in the past I have always used the
> command:
>
> #ipsec newhostkey --output /etc/ipsec.secrets
>
> My configuration is:
>
> conn pixsl15
> auto=ignore
> pfs=yes
>   left=81.x.x.x
> leftsubnet=10.0.0.0/24
> leftnexthop=81.x.x.y
> leftrsasigkey=0sAQPviNyME0giYwJk5LTtX7....
> right=91.x.x.x
> rightsubnet=192.168.0.0/24
> rightnexthop=91.x.x.y
> rightrsasigkey=0sAQOBJlzFVyCyh12CcdGSiKI...
>
> Thanks in advance.
>
>
> -
>   Salvatore.
>
>
>
>
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>



More information about the Users mailing list