Annotation of embedaddon/ipsec-tools/src/racoon/samples/racoon.conf.sample-plainrsa, revision 1.1
1.1 ! misho 1: # Id: racoon.conf.sample-plainrsa,v 1.4 2005/12/13 16:41:07 vanhu Exp
! 2: # Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs
! 3: # http://www.logix.cz/michal
! 4:
! 5: # This file shows the usage of PlainRSA keys, which are widely used
! 6: # by FreeSWAN/OpenSwan/StrongSwan/*Swan users. This functionality is
! 7: # here mainly for those who are moving from the *Swan world to Racoon.
! 8:
! 9: # Racoon will look for a keyfile in this directory. "samples" is a relative path used for the example; a deployment would normally name an absolute directory that only root can write to.
! 10: path certificate "samples" ;
! 11:
! 12: remote anonymous # Phase 1 (IKE) settings; "anonymous" is used for any peer that has no remote section of its own.
! 13: {
! 14: # *Swan supports only 'main' mode.
! 15: exchange_mode main;
! 16:
! 17: # *Swan doesn't send identifiers by default, so both ends are identified by address.
! 18: my_identifier address;
! 19: peers_identifier address; # NOTE(review): verify_identifier is not set in this sample; confirm whether the peer's ID payload should be checked against this.
! 20:
! 21: # This is the trick - use PlainRSA keys (raw RSA keys, not X.509 certificates).
! 22: certificate_type plain_rsa "privatekey.rsa"; # Local private key, looked up under "path certificate"; keep the file readable by root only.
! 23:
! 24: # Multiple certfiles are supported. Each entry names a peer public key; list only keys of peers that are meant to be trusted.
! 25: peers_certfile plain_rsa "pubkey1.rsa";
! 26: peers_certfile plain_rsa "pubkey2.rsa";
! 27:
! 28: # Standard setup follows...
! 29: proposal_check strict;
! 30:
! 31: proposal {
! 32: encryption_algorithm 3des; # NOTE(review): legacy 64-bit block cipher; prefer aes where the peer supports it.
! 33: hash_algorithm sha1; # NOTE(review): legacy hash; prefer sha256 or stronger where the peer supports it.
! 34: authentication_method rsasig; # RSA signature authentication, using the plain_rsa keys configured above.
! 35: dh_group 2; # NOTE(review): group 2 is 1024-bit MODP, below current recommendations; prefer group 14 (2048-bit) or larger if both ends allow.
! 36: }
! 37: }
! 38:
! 39: sainfo anonymous # Phase 2 (IPsec SA) parameters; "anonymous" is used when no more specific sainfo section applies.
! 40: {
! 41: pfs_group 2; # NOTE(review): PFS is enabled, but with the 1024-bit MODP group; prefer group 14 or larger if both ends allow.
! 42: lifetime time 12 hour; # IPsec SAs negotiated under this section expire after 12 hours.
! 43: encryption_algorithm 3des, aes; # NOTE(review): 3des is listed alongside aes; drop 3des once no peer needs it.
! 44: authentication_algorithm hmac_sha1, hmac_md5; # NOTE(review): hmac_md5 is legacy; remove it, and add hmac_sha256 where supported, once peers allow.
! 45: compression_algorithm deflate;
! 46: }