Using shared secret with PGPNet ???

Jonas Eriksson je at sekure.net
Thu Jun 14 03:49:43 EDT 2001 

Johan Allard has written a guide about how you get PGPnet<-->OpenBSD
to work:

http://www.allard.nu/openbsd/


Regards
Jonas Eriksson

On Wed, 13 Jun 2001, Will Price wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> One does not "use shared secret instead of IKE".  One uses IKE to
> setup the shared secret connection. There is no way to securely use
> IPsec without a control protocol like IKE.
> 
> PGPnet VPN has been tested with the OpenBSD IPsec/IKE implementation,
> and it does work. There is probably more information on the web
> somewhere regarding how to configure OpenBSD IPsec. To be sure, the
> IPsec/IKE code on the OpenBSD side had to be the very latest versions
> of everything.
> 
> I suggest using Expert mode to configure the gateway in PGPnet. You
> will probably need to modify the proposals in the VPN Advanced
> settings as well.
> 
> 
> 
> Etienne Goyer wrote:
> > I am back to PGPNet and trying to have it use shared secret with an
> > OpenBSD host setup for IPSec.  I have yet to make it work with
> > shared secret.  The OpenBSD side should be correct as shared secret
> > is well supported according to the docs.  I am using PGPNet version
> > 7.0.3.  When I create my connection with the "Add host wizard", I
> > choose "First attempt shared secret, then fallback to public
> > key...".  However, PGPNet log and tcpdump output suggest the PGPNet
> > host is going right to IKE for key exchange and don't even try
> > shared secret.
> > 
> > I must be missing something really simple.  How do we force PGPNet
> > to use shared secret instead of IKE ???  Any help appreciated.
> 
> 
> - -- 
> 
> Will Price, Director of Engineering
> PGP Security, Inc.
> a division of Network Associates, Inc.
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.1
> 
> iQA/AwUBOyfB4Ky7FkvPc+xMEQJ5gQCg6/Kw2M7YZh9dEbPkXgJMx9SIJcMAnigA
> zhoxfO5N6vmLgB6jhOD9Dnrl
> =afzM
> -----END PGP SIGNATURE-----
> 
> VPN is sponsored by SecurityFocus.com
> 
> 


-- Support your government, give Carnivore / Echelon something to parse --
classfield  top-secret government  restricted data information project CIA
KGB GRU DISA  DoD  defense  systems  military  systems spy steal terrorist
Allah Natasha  Gregori destroy destruct attack  democracy will send Russia
bank system compromise international  own  rule the world ATSC RTEM warmod
ATMD force power enforce  sensitive  directorate  TSP NSTD ORD DD2-N AMTAS 
STRAP warrior-T presidental  elections  policital foreign embassy takeover
--------------------------------------------------------------------------


VPN is sponsored by SecurityFocus.com

More information about the VPN mailing list