Annotation of embedaddon/ipsec-tools/src/racoon/samples/racoon.conf.sample-gssapi, revision 1.1.1.1
1.1 misho 1: # $KAME: racoon.conf.sample-gssapi,v 1.5 2001/08/16 06:33:40 itojun Exp $
2:
3: # sample configuration for GSSAPI authentication (basically, Kerberos).
4: # doc/README.gssapi gives some idea on how to configure it.
5: # TODO: more documentation.
6:
7: #listen {
8: # strict_address;
9: #}
10:
11: # Uncomment the following for GSS-API to work with older versions of
12: # racoon that (incorrectly) used ISO-Latin-1 encoding for the GSS-API
13: # identifier attribute.
14: #gss_id_enc latin1;
15:
16: remote anonymous {
17: exchange_mode main;
18:
19: lifetime time 24 hour;
20:
21: proposal {
22: encryption_algorithm 3des;
23: hash_algorithm sha1;
24: authentication_method gssapi_krb;
25: # The default GSS-API ID is "host/hostname", where
26: # hostname is the output of the hostname(1) command.
27: # You probably want this to match your system's host
28: # principal. ktutil(8)'s "list" command will list the
29: # principals in your system's keytab. If you need to,
30: # you can change the GSS-API ID here.
31: #gss_id "host/some.host.name";
32:
33: dh_group 1;
34: }
35: }
36:
37: sainfo anonymous {
38: lifetime time 2 hour;
39:
40: encryption_algorithm rijndael, 3des;
41: authentication_algorithm hmac_sha1, hmac_md5;
42: compression_algorithm deflate;
43: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to racoon.conf.sample-gssapi CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / racoon / samples