[Swan] ipsec newhostkey / showhostkey does not work well in 3.17
Paul Wouters
paul at nohats.ca
Tue May 3 15:29:27 UTC 2016
On Tue, 3 May 2016, Noam Singer wrote:
> I just installed LibreSwan 3.17 on a fresh machine
>
> I tried creating a public-key using the following basic script
>
> echo "" > /tmp/nsspassword
> rm -f /etc/ipsec.secrets
> certutil -N -d /etc/ipsec.d -f /tmp/nsspassword
> ipsec newhostkey --output /etc/ipsec.secrets --configdir /etc/ipsec.d --seeddev
> /dev/urandom --bits 2192
>
> However, for some reason, the generated /etc/ipsec.secrets does not contain the Modules
> lines.
>
> Is this a new bug in 3.17 or am I doing something wrong?
It's a new bug in 3.17. It was not supposed to require the modules. We
are working on fixing that. For now, please use 3.16 to generate the
keys.
Paul
More information about the Swan
mailing list