[Swan] Looks like loading preshared keys does in fact need NSS

Greg Scott GregScott at infrasupport.com
Fri Jun 28 12:40:30 EEST 2013


> If you only use PSK, then remove all but the PSK lines from the secrets file.

I wonder if I have my definition of a PSK wrong? Each node has a unique RSA key that the other nodes know about. It's not like there's any other info in my hostkey.secrets file. All the nodes know about every other node's RSA key, so these are pre-shared. But now that I think about it, maybe an official PSK is something different? What's to remove in my hostkey.secrets file?

Or is there some way to take my old clear-text, ASCII-formatted RSA keys and create an NSS database and import them?

: RSA   {
        # RSA 2192 bits   NSSSS-fw1   Thu May 31 23:37:56 2012
        # for signatures only, UNSAFE FOR ENCRYPTION
        #pubkey=0s....u... LotsOfDigits....
        Modulus: 0xda2...8... LotsOfDigits....
        PublicExponent: 0x03... LotsOfDigits....
        # everything after this point is secret
        PrivateExponent: 0x245b...LotsOfDigits....5eef
        Prime1: 0xf62... LotsOfDigits....600c481
        Prime2: 0xe2e3a... LotsOfDigits....9d6bd
        Exponent1: 0xa4... LotsOfDigits....5955d
        Exponent2: 0x9... LotsOfDigits....f10c68
        Coefficient: 0x7793... LotsOfDigits....3481
        }
# do not change the indenting of that "}"

Thanks

- Greg

