The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

ike.preshared (4)
  • >> ike.preshared (4) ( Solaris man: Специальные файлы /dev/* )
  •  

    NAME

    ike.preshared - pre-shared keys file for IKE
     
    

    SYNOPSIS

    /etc/inet/secret/ike.preshared
    
     

    DESCRIPTION


     The /etc/inet/secret/ike.preshared file contains secret keying material that two IKE instances can use to authenticate each other. Because of the sensitive nature of this data, it is kept in the /etc/inet/secret directory, which is only accessible by root.

    Pre-shared keys are delimited by open-curly-brace ({) and close-curly-brace (}) characters. There are five name-value pairs required inside a pre-shared key:

    NameValueExample
    localidtypeIPlocalidtype IP
    remoteidtypeIPremoteidtype IP
    localidIP-addresslocalid 10.1.1.2
    remoteidIP-addressremoteid 10.1.1.3
    keyhex-string 1234567890abcdef

    Comment lines with # appearing in the first column are also legal.

    Files in this format can also be used by the ikeadm(1M) command to load additional pre-shared keys into a running an in.iked(1M) process.  

    EXAMPLES

    Example 1: A Sample ike.preshared File

    The following is an example of an ike.preshared file:

      
    #
    # Two pre-shared keys between myself, 10.1.1.2, and two remote
    # hosts.  Note that names are not allowed for IP addresses.     
    #
    # A decent hex string can be obtained by performing:
    #           od -x </dev/random | head
    #
    
    {
         localidtype IP
         localid 10.1.1.2
         remoteidtype IP
         remoteid 10.21.12.4
         key 4b656265207761732068657265210c0a 
    }
    
    {
         localidtype IP
         localid 10.1.1.2
         remoteidtype IP
         remoteid 10.9.1.25
         key 536f20776572652042696c6c2c2052656e65652c20616e642043687269732e0a
    }
    
    

     

    SECURITY


     If this file is compromised, all IPsec security associations derived from secrets in this file will be compromised as well. The default permissions on ike.preshared are 0600. They should stay this way.  

    ATTRIBUTES

    See attributes(5) for descriptions of the following attributes:

    ATTRIBUTE TYPEATTRIBUTE VALUE
    AvailabilitySUNWcsr

     

    SEE ALSO

    od(1), ikeadm(1M), in.iked(1M), ipseckey(1M), attributes(5), random(7D)


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    EXAMPLES
    SECURITY
    ATTRIBUTES
    SEE ALSO


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру