[Openswan Users] Question on ciphers
Mihir Shirali -X (mshirali - INFOSYS LIMITED at Cisco)
mshirali at cisco.com
Wed Jul 22 12:21:02 EDT 2015
Hi All,
I'm using RHEL 6.6 and openswan-2.6.32-37.el6.x86_64
I had a couple of questions related to ciphers:
1 - When I run the ipsec auto -status, I do see Blowfish listed as one of the available ciphers:
ipsec auto --status | grep BLOW
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
However, when I plug this into my config file, the tunnel does not come up. Could you please let me know if Blowfish is something which is unsupported
<snip>
esp=blowfish448-sha1
</snip>
2 - I believe esp cipher can be specified as follows
aes-sha1 OR
aes128-sha1
How does OpenSwan treat these 2 internally. Are they treated as 2 separate ciphers or the same one?
Regards,
Mihir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20150722/23318cba/attachment.html>
More information about the Users
mailing list