Displaying 11 results from an estimated 11 matches for "newhostkey".
2016 Apr 01
5
Libreswan PEM format
Sorry but I have looked for over two days. Trying every command I could find.
There is obviously a misunderstanding somewhere.
After generating a key pair with
ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets
I exported to a file with
ipsec showhostkey --ipseckey > file
The man pages says
ipsec showhostkey outputs in ipsec.conf(5) format,
Ie
***.server.net. IN IPSECKEY 10 0 2 .
AQPs3gZ6GBRJSoy/6RxrL/cMv0JnYEKR/SYmXUCVlkBFNi2D7VJsa1...
2016 Apr 01
2
Libreswan PEM format
I generated according to the docs . Which produced
my server.secrets as below
used the command
ipsec newhostkey --configdir /etc/ipsec.d --output
/etc/ipsec.d/www.example.com.secrets
: RSA {
# RSA 3328 bits ***.**.net Fri Apr 1 15:39:32 2016
# for signatures only, UNSAFE FOR ENCRYPTION
#pubkey=0sAQPs3gZ6GBRJSoy/6RxrL/cMv0JnYEKR/SYmXUCVlkBFNi2D7VJsa17ffvmBUjLLD6/T72M31JvlPhkSz...
2016 Apr 01
2
Libreswan PEM format
...irjoitti:
>
>> Hi I am trying to setup a libreswan vpn between centos 7 and a Mikrotik
>> router.
>>
>> I am try to get the keys working. My problem is the Mikrotik router
>> wants the key in PEM format
>>
>> How do I export the keys generated with ipsec newhostkey
>> into PEM format ?
>>
>>
>> Thanks
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> _______________________________________________
&g...
2016 Apr 01
2
Libreswan PEM format
...01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>:
>
>> Sorry but I have looked for over two days. Trying every command I could
>> find.
>>
>> There is obviously a misunderstanding somewhere.
>>
>> After generating a key pair with
>> ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets
>>
>> I exported to a file with
>> ipsec showhostkey --ipseckey > file
>>
>> The man pages says
>> ipsec showhostkey outputs in ipsec.conf(5) format,
>>
>> Ie
>>
>>
>> ***....
2016 Apr 01
2
Libreswan PEM format
Hi I am trying to setup a libreswan vpn between centos 7 and a Mikrotik router.
I am try to get the keys working. My problem is the Mikrotik router
wants the key in PEM format
How do I export the keys generated with ipsec newhostkey
into PEM format ?
Thanks
2016 Apr 01
0
Libreswan PEM format
...ex with certificates. try first with PSK authentication
and then with certificates
--
Eero
2016-04-01 20:21 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>:
> I generated according to the docs . Which produced
> my server.secrets as below
>
> used the command
>
> ipsec newhostkey --configdir /etc/ipsec.d --output
> /etc/ipsec.d/www.example.com.secrets
>
>
> : RSA {
> # RSA 3328 bits ***.**.net Fri Apr 1 15:39:32 2016
> # for signatures only, UNSAFE FOR ENCRYPTION
>
> #pubkey=0sAQPs3gZ6GBRJSoy/6RxrL/cMv0JnYEKR/SYmXUCVlkBFNi2D7VJ...
2016 Apr 01
0
Libreswan PEM format
...-commands.html
--
Eero
2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>:
> Sorry but I have looked for over two days. Trying every command I could
> find.
>
> There is obviously a misunderstanding somewhere.
>
> After generating a key pair with
> ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/my.secrets
>
> I exported to a file with
> ipsec showhostkey --ipseckey > file
>
> The man pages says
> ipsec showhostkey outputs in ipsec.conf(5) format,
>
> Ie
>
>
> ***.server.net. IN IPSECKEY 10 0 2 .
>...
2016 Apr 01
0
Libreswan PEM format
...npierce at gmail.com>:
> >
> >> Sorry but I have looked for over two days. Trying every command I could
> >> find.
> >>
> >> There is obviously a misunderstanding somewhere.
> >>
> >> After generating a key pair with
> >> ipsec newhostkey --configdir /etc/ipsec.d --output
> /etc/ipsec.d/my.secrets
> >>
> >> I exported to a file with
> >> ipsec showhostkey --ipseckey > file
> >>
> >> The man pages says
> >> ipsec showhostkey outputs in ipsec.conf(5) format,
> >>
>...
2016 Apr 01
0
Libreswan PEM format
...t;glennpierce at gmail.com> kirjoitti:
> Hi I am trying to setup a libreswan vpn between centos 7 and a Mikrotik
> router.
>
> I am try to get the keys working. My problem is the Mikrotik router
> wants the key in PEM format
>
> How do I export the keys generated with ipsec newhostkey
> into PEM format ?
>
>
> Thanks
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
2016 Apr 01
0
Libreswan PEM format
...m trying to setup a libreswan vpn between centos 7 and a Mikrotik
> >> router.
> >>
> >> I am try to get the keys working. My problem is the Mikrotik router
> >> wants the key in PEM format
> >>
> >> How do I export the keys generated with ipsec newhostkey
> >> into PEM format ?
> >>
> >>
> >> Thanks
> >> _______________________________________________
> >> CentOS mailing list
> >> CentOS at centos.org
> >> https://lists.centos.org/mailman/listinfo/centos
> >>
> >...
2009 Oct 23
1
upgrade to 5.4 openswan broke
...sql:/etc/ipsec.d
certutil: function failed: security library: bad database.
If I ran the command without the sql: like this
# certutil -N -d sql:/etc/ipsec.d
it would create the database files.
I would then execute
# modutil -fips true -dbdir /etc/ipsec.d
followed by
# /usr/sbin/ipsec newhostkey --configdir /etc/ipsec.d/nssdb
--password password1 --output /etc/ipsec.d/host.secrets
After replacing the hostkey in the file I tried to bring the connection
up but the connection would not start and the following error message
was in the log file.
unable to locate my private key for RSA Si...