Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: "/etc/ipsec.secrets" line 4: bad RSA key syntax

From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Sat Jun 29 2002 - 20:28:58 CEST

Next message: Michael Richardson: "[Users] Re: FreeSWAN SRPMs?"
Previous message: Phillip Hofmeister: "[Users] FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: "/etc/ipsec.secrets" line 4: bad RSA key syntax"
In reply to: Phillip Hofmeister: "[Users] FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: "/etc/ipsec.secrets" line 4: bad RSA key syntax"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Since the line feed after the RSA line is present I suspect that either
the X.509 patch has not been applied at all or that the version is older
than 0.9.9. What X.509 version is listed in the log when Pluto starts up?

As a workaround you can download the fswcert tool from

http://www.strongsec.com/freeswan/old.htm

Regards

Andreas

Phillip Hofmeister wrote:
> All,
>
> I have installed the source for freeswan (woody) on my potato box and compiled it.
> When I add the following lines to my secrets file:
>
> # This file holds shared secrets or RSA private keys for inter-Pluto
> # authentication. See ipsec_pluto(8) manpage, and HTML documentation.
>
> : RSA /etc/ipsec.d/private/ns2.zionlth.org.key
>
>
> I get the following error:
>
> Jun 29 01:11:10 Oneil Pluto[2874]: loading secrets from "/etc/ipsec.secrets"
> Jun 29 01:11:10 Oneil Pluto[2874]: "/etc/ipsec.secrets" line 4: bad RSA key syntax
>
> I have checked the changelog and it appears there is a x509 patch in place
> (I applied the maintainers diff file to the source...)
>
> I would even stick the key in my secrets file directly if the fswcert utility
> was included in the source kit (it does not appear to be).
>
> Is the syntax of the config file right? (yes there is a line feed following the
> : RSA line). Does the patch currently in woody handle : RSA lines (the
> documentation in src/freeswan-1.96/debian/x509patch-0.9.9-freeswan-1.96/README
> says it does...)
>
> Any help would be appreciated. If I can't get this secrets file right can
> anyone point me to the source for fswcert?
>
> Thanks,
>
> Phil
>
>
> PS. I am on neither of these lists. Please CC me in replies.

======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zürichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Next message: Michael Richardson: "[Users] Re: FreeSWAN SRPMs?"
Previous message: Phillip Hofmeister: "[Users] FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: "/etc/ipsec.secrets" line 4: bad RSA key syntax"
In reply to: Phillip Hofmeister: "[Users] FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: "/etc/ipsec.secrets" line 4: bad RSA key syntax"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:17 CEST