Re: FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: /etc/ipsec.secrets line 4: bad RSA key syntax
On Sat, Jun 29, 2002 at 12:52:58PM -0400, Phillip Hofmeister wrote: : RSA /etc/ipsec.d/private/ns2.zionlth.org.key That certainly looks right. Try removing the absolute part of the path. Change it to: : RSA ns2.zionlth.org.key Jun 29 01:11:10 Oneil Pluto[2874]: loading secrets from /etc/ipsec.secrets Jun 29 01:11:10 Oneil Pluto[2874]: /etc/ipsec.secrets line 4: bad RSA key syntax I have checked the changelog and it appears there is a x509 patch in place (I applied the maintainers diff file to the source...) The symptoms appear to indicate that the x509 patch was not actually installed correctly. How did you install it? Did you use the maintainers 'apply' script (in /usr/src/kernel-patches/all/apply/freeswan)? If not, I'd give that a try. What does 'dmesg | grep klips' tell you? If you see lines mentioning 'ipsec_ext_init', that should be a good indication that the x509 patch was correctly installed. If that's the case, then I'm not sure what the problem might be... I would even stick the key in my secrets file directly if the fswcert utility was included in the source kit (it does not appear to be). It's no longer necessary since FreeS/WAN can load the certs directly. noah -- ___ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html pgpGvOXYIqJwQ.pgp Description: PGP signature
FreeSwan Errors: Jun 29 01:08:11 Oneil Pluto[2694]: /etc/ipsec.secrets line 4: bad RSA key syntax
All, I have installed the source for freeswan (woody) on my potato box and compiled it. When I add the following lines to my secrets file: # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. : RSA /etc/ipsec.d/private/ns2.zionlth.org.key I get the following error: Jun 29 01:11:10 Oneil Pluto[2874]: loading secrets from /etc/ipsec.secrets Jun 29 01:11:10 Oneil Pluto[2874]: /etc/ipsec.secrets line 4: bad RSA key syntax I have checked the changelog and it appears there is a x509 patch in place (I applied the maintainers diff file to the source...) I would even stick the key in my secrets file directly if the fswcert utility was included in the source kit (it does not appear to be). Is the syntax of the config file right? (yes there is a line feed following the : RSA line). Does the patch currently in woody handle : RSA lines (the documentation in src/freeswan-1.96/debian/x509patch-0.9.9-freeswan-1.96/README says it does...) Any help would be appreciated. If I can't get this secrets file right can anyone point me to the source for fswcert? Thanks, Phil PS. I am on neither of these lists. Please CC me in replies. - End forwarded message - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
