[Users] Pb with Rsa keys

From: Miky J (mikydeb_at_yahoo.fr)
Date: Tue Nov 05 2002 - 18:16:44 CET

• Next message: Sam Sgro: "[Users] Re: [Design] I am in a point where I need a divine guidance from a free/swan guru."
• Previous message: Andreas Steffen: "[Users] Re: [Bugs] a little bug on the website"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi List,

I'm tring to get my two getways connected.

**********

I have this message when i try to connect

STATE_MAIN_I1: initiate
STATE_MAIN_I2: sent MI2, expecting MR2
unable to locate my private key for RSA Signature
STATE_MAIN_I2: AUTHENTICATION_FAILED

*********

I generated my key using this command

rsaigkey --verbose 2048 > ipsec.secrets

Permission is rw for root and he's the owner

nb: i've read on the mailling list archive that it's
not the way to do but that's what is written in the
0.95 doc version

*********

conn eits-earths
       # Left security gateway, subnet behind it, next
hop toward right.
       left=xxxxx53.18
       leftsubnet=192.168.1.0/24
       leftnexthop=xxxxx53.17
       # Right security gateway, subnet behind it,
next hop toward left.
       right=yyyyy247.139
       rightsubnet=192.168.2.0/24
       rightnexthop=zzzzzz194.134
       leftid=@gw1.domain1.com
       rightid=@gw2.domain2.com
       authby=rsasig
      
leftrsasigkey=0x--0sAQNeAvftiu1k5IFWM8gxxxxxxxxxxxxxxxlkWxHEPaEscfeybCTdgOP8uhXkoCJfW/UJc2vQo6vHrfxjpb7XJySSo3G4oe
      
rightrsasigkey=0x--0sAQNswLi6o119MOweR/y4xxxxxxxxxxmP081BMQG7EF2RLLz4+NoKs67KgwKoSgA2PEPuIwHlrNAvAgOhXW5
       auto=add

******

ipsec.secrets

:rsa {

       # RSA 2048 bits xx Tue Nov 5 14:01:19 2002
       # for signatures only, UNSAFE FOR ENCRYPTION
       #pubkey=0rfxjpb7XJySSo3G4oeYHonxpfQW7
       #IN KEY 0x4200 4 1uhXkoCJfWvQo6b7XJySSo3G4oeY
       # = auth-only host-level, 4 = IPSec, 1 = RSA)
       Modulus: b26c24dd80e3fcba15e4a0225f5bf509736bd0
       PublicExponent: 0x03
       # everything after this point is secret
       PrivateExponent:f03a61ab06539fe
       Prime1: cfb26eb369c8f
       Prime2: a0f965af9105d368e4059ff
       Exponent1:3a3c7dd77477c44d4935219f2246
       Exponent2:6b50ee750b59379b42ae
       Coefficient: af945a0fc3fd88
       }

So it's indented...

I had rsa : because i saw it in a howto but even
without it doesn't work

********

After i have the errors I look at my logs and i find
ipsec__plutorun: 003 "/etc/ipsec.secrets" line 10:
malformed end of RSA private key -- indented '}'
required

But when i start ipsec it doesn't show any errors

Does anyone have an idea how can i fix the problem..

Thanx

___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Sam Sgro: "[Users] Re: [Design] I am in a point where I need a divine guidance from a free/swan guru."
• Previous message: Andreas Steffen: "[Users] Re: [Bugs] a little bug on the website"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Wed Nov 06 2002 - 05:20:36 CET