Le 12 janv. 2011 à 16:39, Jim Pingle a écrit : > [please don't top post] > On 1/12/2011 10:13 AM, bsd wrote: >> Le 12 janv. 2011 à 13:53, Jim Pingle a écrit : >> >>> On 1/12/2011 5:48 AM, bsd wrote: >>>> Hello, >>>> >>>> I am trying to import a Shared Key from a previous XML file, It looks like >>>> the key found in the XML file can not be directly copy / pasted in the >>>> shared key box. >>>> >>>> Do you know what I have to "cut out" to make It work ? >>>> >>>> The key looks similar as this one : >>>> >>>> <shared_key>LS0tLS1CRUdJTiBPcGVuVlBOIFN0YXRpYyBrZXkgVjEtLS0tLQ0KNDNjNGZhODgyMjI0ZDI5NmFjNGQ1YjIzOTM5MGI4MjMNCmIwZGMxODc4NzEwZWFhMzRkNWU1MWE5YTJkY2ExYjc5DQpiYjQ4OTEwZmMwMTg3NzM3YmI1YmFkYTNhZTQzMjRkYQ0KZTI4Zjg3NDJiNDJkMzRlZDBiZTBjOTMxYTBkM2NkMjANCjRkNWUyOWM2ZTA5MzQ0NTU2NDBhNjI4YWNmMmNlNDRiDQpmYjUyMGQ1NmZiNmExZjA4ZmQwMTQ2YjRmZmY0ZmFiNA0KNTdjODgwNTQ0NzY0ZjdjZjJlYWJlYWYxZmEwY2JmMDMNCjY1ZjIzMzkzNDA4YmIyZThhZGU3MzA3Zjg5ZWE0MDUwDQoxyTkwYjczYzZiNWI1NmQ2NzZiMGUzMjUwYTMyNWMzNA0KNDA5ZTY5NzdmYzI2NmM1Y2FiYzg3YmY5ZjMwYzg0NmQNCjg4OTIwNTAzMGEyNzRkYTdiM2M1ZjJjMTU1MzNiNjk3DQo4NzM0ZjJhMzFhMTFhYzAyYzM0ZTMyNDE0xyFmNmNhMg0KZWU1Y2Y3OTllMTkxMmNkODUxMjY0MWI3OTI2M2MyMTMNCjllMjE1MWJlY2FhMzM5MjJmNDc0ZWFiNGIxY2FiZjgxDQpjYmY5NDUwYWEwOWVmOTk3YmVkM2QzMThiYjRlMDY2Yw0KNDMzYzc4NWMzYzNjOGRmMGQ2NWM0MTlhYTEzODQzOGENCi0tLS0tRU5EIE9wZW5WUE4gU3RhdGljIGtleSBWMS0tLS0t</shared_key> >>> >>> It's base64 encoded inside of the XML. You could copy/paste it into a >>> backup of the target router, or if you want the decoded version, go to >>> Diagnostics > Command, and type in: >>> >>> echo base64_decode("LSOtLS[...]"); >>> >>> Put the contents of the <shared_key></shared_key> tag inside the quote >>> marks, not the tags itself. When you press Execute, it should give you >>> the plain text version you can then copy/paste. >>> >> Ok, >> >> Thanks very much. >> I didn't manage to get It working with the provided command line, got a >> >> Badly placed ()'s. >> >> … Anyway I have managed to get It decoded and working ok. > > It should have gone in the PHP execute code box, not the command line. > Sorry for that. > > You also should probably generate a new key, seeing as everyone on the > list (and those that can read the archive) now have a copy of your > shared key. :-) > > If you're on 1.2.3 it's easy to make a new key, just go to Diagnostics > > Command, and in the shell execute box, type: > openvpn --genkey --secret /dev/stdout > > Then copy/paste that to both boxes. It's probably better from a security > standpoint to make new shared keys in most cases than to keep importing > them over and over. > > Jim
Don't worry about that, unless you find out which part of the key I have modified before posting It, you have very very little chance to find out my key… ;-) –––––––––––––––––––––––––––––––––––––––––––––– ---------> Grégory Bernard Director <--------- ---------------> www.osnet.eu <--------------- --> Your provider of OpenSource appliances <-- –––––––––––––––––––––––––––––––––––––––––––––– OSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetO --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org