[please don't top post]
On 1/12/2011 10:13 AM, bsd wrote:
> Le 12 janv. 2011 à 13:53, Jim Pingle a écrit :
>
>> On 1/12/2011 5:48 AM, bsd wrote:
>>> Hello,
>>>
>>> I am trying to import a Shared Key from a previous XML file, It looks like
>>> the key found in the XML file can not be directly copy / pasted in the
>>> shared key box.
>>>
>>> Do you know what I have to "cut out" to make It work ?
>>>
>>> The key looks similar as this one :
>>>
>>> <shared_key>LS0tLS1CRUdJTiBPcGVuVlBOIFN0YXRpYyBrZXkgVjEtLS0tLQ0KNDNjNGZhODgyMjI0ZDI5NmFjNGQ1YjIzOTM5MGI4MjMNCmIwZGMxODc4NzEwZWFhMzRkNWU1MWE5YTJkY2ExYjc5DQpiYjQ4OTEwZmMwMTg3NzM3YmI1YmFkYTNhZTQzMjRkYQ0KZTI4Zjg3NDJiNDJkMzRlZDBiZTBjOTMxYTBkM2NkMjANCjRkNWUyOWM2ZTA5MzQ0NTU2NDBhNjI4YWNmMmNlNDRiDQpmYjUyMGQ1NmZiNmExZjA4ZmQwMTQ2YjRmZmY0ZmFiNA0KNTdjODgwNTQ0NzY0ZjdjZjJlYWJlYWYxZmEwY2JmMDMNCjY1ZjIzMzkzNDA4YmIyZThhZGU3MzA3Zjg5ZWE0MDUwDQoxyTkwYjczYzZiNWI1NmQ2NzZiMGUzMjUwYTMyNWMzNA0KNDA5ZTY5NzdmYzI2NmM1Y2FiYzg3YmY5ZjMwYzg0NmQNCjg4OTIwNTAzMGEyNzRkYTdiM2M1ZjJjMTU1MzNiNjk3DQo4NzM0ZjJhMzFhMTFhYzAyYzM0ZTMyNDE0xyFmNmNhMg0KZWU1Y2Y3OTllMTkxMmNkODUxMjY0MWI3OTI2M2MyMTMNCjllMjE1MWJlY2FhMzM5MjJmNDc0ZWFiNGIxY2FiZjgxDQpjYmY5NDUwYWEwOWVmOTk3YmVkM2QzMThiYjRlMDY2Yw0KNDMzYzc4NWMzYzNjOGRmMGQ2NWM0MTlhYTEzODQzOGENCi0tLS0tRU5EIE9wZW5WUE4gU3RhdGljIGtleSBWMS0tLS0t</shared_key>
>>
>> It's base64 encoded inside of the XML. You could copy/paste it into a
>> backup of the target router, or if you want the decoded version, go to
>> Diagnostics > Command, and type in:
>>
>> echo base64_decode("LSOtLS[...]");
>>
>> Put the contents of the <shared_key></shared_key> tag inside the quote
>> marks, not the tags itself. When you press Execute, it should give you
>> the plain text version you can then copy/paste.
>>
> Ok,
>
> Thanks very much.
> I didn't manage to get It working with the provided command line, got a
>
> Badly placed ()'s.
>
> … Anyway I have managed to get It decoded and working ok.
It should have gone in the PHP execute code box, not the command line.
Sorry for that.
You also should probably generate a new key, seeing as everyone on the
list (and those that can read the archive) now have a copy of your
shared key. :-)
If you're on 1.2.3 it's easy to make a new key, just go to Diagnostics >
Command, and in the shell execute box, type:
openvpn --genkey --secret /dev/stdout
Then copy/paste that to both boxes. It's probably better from a security
standpoint to make new shared keys in most cases than to keep importing
them over and over.
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
