Ruben I Safir wrote:
> I've had no success with it and other told me that SSH Sentinal is broken.
>
> That's why I asked the list.
>
> I've been trying to get this done with shared secrets, but it's still asking
> for a certificate. We are trying to avoid using the weakened encryption with the
> patch for X509 Certificate
Where did you get the weird idea from that the X.509 patch weakens
encryption? Quite to the contrary. It is not trivial to generate
and enter a shared secret having an entropy of 128 bits whereas the
use of a X.509 certificate bound to an RSA public/private key pair
gives you more of a guarantee that the keying material used for
peer authentication is truly random.
> Do you have a URL for the howto from Brian?
>
> Ruben
>
> On 2002.07.03 06:52 Ken Bantoft wrote:
>
>>
>>Where did you hear that? See Brian <blanda_at_mnsi.net>'s post from July 3rd
>>with step by step instructions on doing just this on Suse 8.0...
>>
>>
>>--
>>Ken Bantoft One Unix to rule them all, One Resolver to find them,
>>ken_at_networkoverlord.com One IP to bring them all, and in the zone, bind them.
>>
>>
>>
>>On Wed, 3 Jul 2002, Ruben I Safir wrote:
>>
>>
>>>IS it true that SSH's product for Windows doesn't work using shared secrets with
>>>FreeS/Wan
>>>
>>>Why would that be the case?
>>>
>>>Is there a better windows client for FreeSwan?
>>>
>>>Ruben
>>>
Regards
Andreas
======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zürichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:18 CEST