VPN Configuration

The IPsec configuration consists of two separate files. The first is /etc/ipsec.secrets, which holds either a preshared secret key (PSK) or an RSA key (RSA). This text deals only with the preshared secret. The same secret is configured on both systems, and each system uses it to authenticate the other. This method is secure as long as the shared secret remains secret.

Caution

The shared secret in ipsec.secrets must never be transmitted in the clear. Maintain the secret by ensuring that only root can read the file (chmod 600), and transfer the secret to the other system only by a secure means (put the ipsec.secrets file on a floppy and use the sneaker net—hand ...
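The file-permission rule in the caution above can be checked mechanically. The following is an added example, not code from the book: the function name `audit_secrets`, the optional expected-UID parameter, and the constructed sample entry (which assumes the usual `ids : PSK "secret"` line format) are illustrative assumptions.

```shell
#!/bin/sh
# Added example: audit an ipsec.secrets file without ever printing the secret.
# audit_secrets FILE [EXPECTED_UID] returns 0 when the file passes, 1 otherwise.
audit_secrets() {
    file=$1
    want_uid=${2:-0}     # root by default; overridable so the check can be tried unprivileged
    rc=0

    [ -f "$file" ] || { echo "FAIL: $file does not exist" >&2; return 1; }

    # ls -ldn prints e.g. "-rw------- 1 0 0 ...": mode string, links, uid, gid
    set -- $(ls -ldn -- "$file")
    mode=$1
    uid=$3

    # Characters 5-10 of the mode string are the group and other bits;
    # chmod 600 leaves all six as "-".
    case $mode in
        ????------*) ;;
        *) echo "FAIL: group/other can access $file ($mode); run chmod 600" >&2
           rc=1 ;;
    esac

    [ "$uid" = "$want_uid" ] || {
        echo "FAIL: owner uid is $uid, expected $want_uid" >&2; rc=1; }

    # Count PSK entries (assumed format: ids : PSK "secret") without echoing them.
    psk=$(grep -c '^[^#]*:[[:space:]]*PSK[[:space:]]' "$file" || true)
    psk=${psk:-0}
    [ "$psk" -gt 0 ] || { echo "FAIL: no PSK entry found in $file" >&2; rc=1; }

    echo "$file: mode=$mode uid=$uid psk_entries=$psk"
    return $rc
}

# Demo on a constructed sample file (not a real secret, not the real /etc path).
demo=$(mktemp)
printf '%s\n' '# constructed sample' \
    '10.0.0.1 10.0.0.2 : PSK "constructed-sample-secret"' > "$demo"
chmod 644 "$demo"; audit_secrets "$demo" "$(id -u)" || true   # reports FAIL
chmod 600 "$demo"; audit_secrets "$demo" "$(id -u)" || true   # passes
rm -f "$demo"
```

On a real gateway, run `audit_secrets /etc/ipsec.secrets` as root so the default owner check against UID 0 applies.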

Get Special Edition Using Linux®, Sixth Edition now with the O’Reilly learning platform.
