Annotated edit history of
IPSecConfigurationRSA version 1, including all changes.
View license author blame.
Rev |
Author |
# |
Line |
1 |
CraigBox |
1 |
A much better idea than using a single preshared secret (a "password") is to use PublicKeyEncryption on your secrets, and IPSec supports the [RSA] algorithm for doing so. |
|
|
2 |
|
|
|
3 |
In your configuration file, you specify |
|
|
4 |
|
|
|
5 |
auth=rsasig |
|
|
6 |
|
|
|
7 |
to use RSA encryption |
|
|
8 |
|
|
|
9 |
Then you specify |
|
|
10 |
|
|
|
11 |
leftrsasig=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF... |
|
|
12 |
|
|
|
13 |
rightrsasig=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF... |
|
|
14 |
|
|
|
15 |
in your connection blocks. |
|
|
16 |
|
|
|
17 |
I'll flesh this out later. |