[Swan-dev] clear password in ipsec.secrets

Paul Wouters paul at nohats.ca
Wed Jul 8 13:36:55 UTC 2020


On Jul 8, 2020, at 09:10, Balaji Thoguluva <tbbalaji at gmail.com> wrote:
> 
> 
> Hi Folks,
> 
> Currently for pre-shared (authby=secret), we have to specify the clear password in ipsec.secrets file.
> 
> Is there any way to specify an encrypted or obfuscated password in the ipsec.secrets file so that the clear password is not visible to a user and Libreswan is still able to establish a PSK based tunnel?

No.

How would this work? If it is encrypted, then there is a private key, and you need to protect that private key, so you need a password again if you want the system to be able to automatically start on boot.

Obfuscation seems pointless. If you take Cisco as an example, where they do this, well, some users wanted to write or read Cisco config files, and so this easy tool that works instantly converts the psk from/to obfuscation:

https://github.com/libreswan/libreswan/tree/main/contrib/cisco-decrypt

For consistency, we could store it in the nss db with an identifier, along with private keys and certificates. It is encrypted by default with a private key without password and can be password locked, but then the nss password file contains the plaintext password or you have to supply the password on startup.

But I don’t think the nss db supports this type of entry and we would have to wrap it in something else.


Ideally, you would move away from PSK and use raw key pairs or certificates for authentication.

Paul
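Since the thread's conclusion is that a PSK in ipsec.secrets is plaintext by design and the practical controls are file permissions, long random PSKs and moving to raw key pairs or certificates, here is an added read-only audit script (not Libreswan's code, nor anything from the thread) that parses an ipsec.secrets file, reports which identities still rely on PSK without ever printing the secret, and checks the file's mode and owner. It assumes the documented `<ids> : PSK "secret"` / `: RSA ...` / `include` line layout, and the minimum PSK length of 32 characters is an arbitrary threshold chosen for this example. The sample file at the bottom is constructed, including its CKAID value.

```python
"""Audit a Libreswan ipsec.secrets file for plaintext PSK entries.

Added example, not Libreswan code. Assumptions: the file follows the
documented layout (`<id> [<id> ...] : <TYPE> <rest>`, `#` comments,
`include <glob>` lines); the unquoted 0x-hex PSK form is not handled.
"""
import os
import re
import stat
import sys
from dataclasses import dataclass, field
from typing import List

MIN_PSK_LEN = 32  # example threshold, not a Libreswan requirement

# The separator is a colon surrounded by whitespace (or at line start),
# so IPv6 addresses used as ids are not split apart.
_SEP_RE = re.compile(r'(^|\s):(\s|$)')
_QUOTED_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')


@dataclass
class SecretEntry:
    line_no: int
    kind: str          # PSK, RSA, ECDSA, XAUTH, PPK, ...
    ids: List[str]
    quoted_len: int    # length of the quoted value; the value itself is never kept


@dataclass
class AuditReport:
    entries: List[SecretEntry] = field(default_factory=list)
    includes: List[str] = field(default_factory=list)
    findings: List[str] = field(default_factory=list)


def _strip_comment(line: str) -> str:
    """Drop a trailing # comment, but leave a # that sits inside quotes."""
    out, in_quote, escaped = [], False, False
    for ch in line:
        if escaped:
            out.append(ch)
            escaped = False
            continue
        if in_quote and ch == '\\':
            out.append(ch)
            escaped = True
            continue
        if ch == '"':
            in_quote = not in_quote
        elif ch == '#' and not in_quote:
            break
        out.append(ch)
    return ''.join(out).rstrip()


def parse_secrets(text: str) -> AuditReport:
    """Parse ipsec.secrets text and collect findings (secrets are not retained)."""
    report = AuditReport()
    for n, raw in enumerate(text.splitlines(), 1):
        line = _strip_comment(raw)
        if not line.strip():
            continue
        if line.lstrip().startswith('include '):
            report.includes.append(line.split(None, 1)[1].strip())
            continue
        m = _SEP_RE.search(line)
        if not m:
            report.findings.append(f'line {n}: unparsed line')
            continue
        ids = line[:m.start()].split()
        parts = line[m.end():].split(None, 1)
        kind = parts[0].upper() if parts else ''
        tail = parts[1] if len(parts) > 1 else ''
        q = _QUOTED_RE.search(tail)
        entry = SecretEntry(n, kind, ids, len(q.group(1)) if q else 0)
        report.entries.append(entry)
        if kind == 'PSK':
            who = ' '.join(ids) or '(any)'
            report.findings.append(f'line {n}: plaintext PSK for {who}')
            if entry.quoted_len < MIN_PSK_LEN:
                report.findings.append(
                    f'line {n}: PSK shorter than {MIN_PSK_LEN} characters')
    return report


def mode_findings(path: str, mode: int, uid: int) -> List[str]:
    """Pure check on stat results: the file should be 0600 and root-owned."""
    findings = []
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f'{path}: mode {stat.filemode(mode)} is group/world '
                        f'accessible; expected 0600')
    if uid != 0:
        findings.append(f'{path}: owned by uid {uid}, expected root')
    return findings


def audit_file(path: str) -> AuditReport:
    st = os.stat(path)
    with open(path, encoding='utf-8', errors='replace') as fh:
        report = parse_secrets(fh.read())
    report.findings = mode_findings(path, st.st_mode, st.st_uid) + report.findings
    return report


# Constructed sample; the CKAID is made up and no real secret is present.
SAMPLE = '''# constructed sample, not a real configuration
192.0.2.10 %any : PSK "correct horse battery staple # not a comment"
@gw.example.net : PSK "short"
2001:db8::1 : PSK "0123456789abcdef0123456789abcdef"  # 32 chars
: RSA "5fab1a2b"          # CKAID of a key in the NSS db, no plaintext here
include /etc/ipsec.d/*.secrets
'''

if __name__ == '__main__':
    rep = audit_file(sys.argv[1]) if len(sys.argv) > 1 else parse_secrets(SAMPLE)
    for f in rep.findings:
        print(f)
```

Run it with a path to audit a real file, or without arguments to see the findings for the constructed sample. Entries using `RSA` or a certificate reference produce no finding, which is the state the thread recommends moving towards.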