Using shared secret with PGPNet ???
je at sekure.net
Thu Jun 14 03:49:43 EDT 2001
Johan Allard has written a guide about how you get PGPnet<-->OpenBSD
On Wed, 13 Jun 2001, Will Price wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> One does not "use shared secret instead of IKE". One uses IKE to
> setup the shared secret connection. There is no way to securely use
> IPsec without a control protocol like IKE.
> PGPnet VPN has been tested with the OpenBSD IPsec/IKE implementation,
> and it does work. There is probably more information on the web
> somewhere regarding how to configure OpenBSD IPsec. To be sure, the
> IPsec/IKE code on the OpenBSD side had to be the very latest versions
> of everything.
> I suggest using Expert mode to configure the gateway in PGPnet. You
> will probably need to modify the proposals in the VPN Advanced
> settings as well.
> Etienne Goyer wrote:
> > I am back to PGPNet and trying to have it use shared secret with an
> > OpenBSD host setup for IPSec. I have yet to make it work with
> > shared secret. The OpenBSD side should be correct as shared secret
> > is well supported according to the docs. I am using PGPNet version
> > 7.0.3. When I create my connection with the "Add host wizard", I
> > choose "First attempt shared secret, then fallback to public
> > key...". However, PGPNet log and tcpdump output suggest the PGPNet
> > host is going right to IKE for key exchange and don't even try
> > shared secret.
> > I must be missing something really simple. How do we force PGPNet
> > to use shared secret instead of IKE ??? Any help appreciated.
> - --
> Will Price, Director of Engineering
> PGP Security, Inc.
> a division of Network Associates, Inc.
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.1
> -----END PGP SIGNATURE-----
> VPN is sponsored by SecurityFocus.com
-- Support your government, give Carnivore / Echelon something to parse --
classfield top-secret government restricted data information project CIA
KGB GRU DISA DoD defense systems military systems spy steal terrorist
Allah Natasha Gregori destroy destruct attack democracy will send Russia
bank system compromise international own rule the world ATSC RTEM warmod
ATMD force power enforce sensitive directorate TSP NSTD ORD DD2-N AMTAS
STRAP warrior-T presidental elections policital foreign embassy takeover
VPN is sponsored by SecurityFocus.com
More information about the VPN