File:
[ELWIX - Embedded LightWeight unIX -] /
elwix /
config /
etc /
default /
racoon /
racoon.conf.sample-gssapi
Revision
1.1.1.1 (vendor branch):
download - view:
text,
annotated -
select for diffs -
revision graph
Tue Jul 5 23:43:00 2011 UTC (13 years, 2 months ago) by
misho
Branches:
misho,
MAIN
CVS tags:
start,
elwix2_3,
elwix2_2,
elwix2_1,
elwix2_0,
elwix1_9_mips,
elwix1_9,
elwix1_8,
elwix1_7,
elwix1_6,
elwix1_5,
elwix1_4,
Patch1,
HEAD,
ELWIX2_2p0,
ELWIX2_1,
ELWIX2_0,
ELWIX1_9,
ELWIX1_8,
ELWIX1_7,
ELWIX1_6,
ELWIX1_5
ELWIX project
1: # $KAME: racoon.conf.sample-gssapi,v 1.5 2001/08/16 06:33:40 itojun Exp $
2:
3: # sample configuration for GSSAPI authentication (basically, Kerberos).
4: # doc/README.gssapi gives some idea on how to configure it.
5: # TODO: more documentation.
6:
7: #listen {
8: # strict_address;
9: #}
10:
11: # Uncomment the following for GSS-API to work with older versions of
12: # racoon that (incorrectly) used ISO-Latin-1 encoding for the GSS-API
13: # identifier attribute.
14: #gss_id_enc latin1;
15:
16: remote anonymous {
17: exchange_mode main;
18:
19: lifetime time 24 hour;
20:
21: proposal {
22: encryption_algorithm 3des;
23: hash_algorithm sha1;
24: authentication_method gssapi_krb;
25: # The default GSS-API ID is "host/hostname", where
26: # hostname is the output of the hostname(1) command.
27: # You probably want this to match your system's host
28: # principal. ktutil(8)'s "list" command will list the
29: # principals in your system's keytab. If you need to,
30: # you can change the GSS-API ID here.
31: #gss_id "host/some.host.name";
32:
33: dh_group 1;
34: }
35: }
36:
37: sainfo anonymous {
38: lifetime time 2 hour;
39:
40: encryption_algorithm rijndael, 3des;
41: authentication_algorithm hmac_sha1, hmac_md5;
42: compression_algorithm deflate;
43: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>