1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
.TH IPSEC.SECRETS 5 "28 March 1999"
.SH NAME
ipsec.secrets \- secrets for IKE/IPsec authentication
.SH DESCRIPTION
The file \fIipsec.secrets\fP holds a table of secrets.
These secrets are used by \fIipsec_pluto\fP(8), the FreeS/WAN Internet Key
Exchange daemon, to authenticate other hosts.
Currently there are two kinds of secrets: preshared secrets and
.\" the private part of DSS keys.
RSA private keys.
.LP
It is vital that these secrets be protected. The file should be owned
by the super-user,
and its permissions should be set to block all access by others.
.LP
The file is a sequence of entries and include directives.
Here is an example. Each entry or directive must start at the
left margin, but if it continues beyond a single line, each continuation
line must be indented.
.LP
.RS
.nf
# sample /etc/ipsec.secrets file for 10.1.0.1
10.1.0.1 10.2.0.1: PSK "secret shared by two hosts"
# an entry may be split across lines,
# but indentation matters
www.xs4all.nl @www.kremvax.ru
\ \ \ \ 10.6.0.1 10.7.0.1 1.8.0.1: PSK "secret shared by 5"
.\" # Private part of our DSS key, in base 64,
.\" # as generated by BIND 8.2.1's dnskeygen.
.\" # Since this is the default key for this host,
.\" # there is no need to specify indices.
.\" : DSS 0siMs0N/hfRoCBMXA6plPtuv58/+c=
# an RSA private key.
# note that the lines are too wide for a
# man page, so ... has been substituted for
# the truncated part
@my.com: rsa {
\ \ \ \ Modulus:\ 0syXpo/6waam+ZhSs8Lt6jnBzu3C4grtt...
\ \ \ \ PublicExponent:\ 0sAw==
\ \ \ \ PrivateExponent:\ 0shlGbVR1m8Z+7rhzSyenCaBN...
\ \ \ \ Prime1:\ 0s8njV7WTxzVzRz7AP+0OraDxmEAt1BL5l...
\ \ \ \ Prime2:\ 0s1LgR7/oUMo9BvfU8yRFNos1s211KX5K0...
\ \ \ \ Exponent1:\ 0soaXj85ihM5M2inVf/NfHmtLutVz4r...
\ \ \ \ Exponent2:\ 0sjdAL9VFizF+BKU4ohguJFzOd55OG6...
\ \ \ \ Coefficient:\ 0sK1LWwgnNrNFGZsS/2GuMBg9nYVZ...
\ \ \ \ }
include ipsec.*.secrets # get secrets from other files
.fi
.RE
.LP
Each entry in the file is a list of indices, followed by a secret.
The two parts are separated by a colon (\fB:\fP) that is
followed by whitespace or a newline. For compatability
with the previous form of this file, if the key part is just a
double-quoted string the colon may be left out.
.LP
An index is an IP address, or a Fully Qualified Domain Name, user@FQDN,
\fB%any\fP or \fB%any6\fP (other kinds may come). An IP address may be written
in the familiar dotted quad form or as a domain name to be looked up
when the file is loaded
(or in any of the forms supported by the FreeS/WAN \fIipsec_ttoaddr\fP(3)
routine). In many cases it is a bad idea to use domain names because
the name server may not be running or may be insecure. To denote a
Fully Qualified Domain Name (as opposed to an IP address denoted by
its domain name), precede the name with an at sign (\fB@\fP).
.LP
Matching IDs with indices is fairly straightforward: they have to be
equal. In the case of a ``Road Warrior'' connection, if an equal
match is not found for the Peer's ID, and it is in the form of an IP
address, an index of \fB%any\fP will match the peer's IP address if IPV4
and \fB%any6\fP will match a the peer's IP address if IPV6.
Currently, the obsolete notation \fB0.0.0.0\fP may be used in place of
\fB%any\fP.
.LP
An additional complexity
arises in the case of authentication by preshared secret: the
responder will need to look up the secret before the Peer's ID payload has
been decoded, so the ID used will be the IP address.
.LP
To authenticate a connection between two hosts, the entry that most
specifically matches the host and peer IDs is used. An entry with no
index will match any host and peer. More specifically, an entry with one index will
match a host and peer if the index matches the host's ID (the peer isn't
considered). Still more specifically, an entry with multiple indices will match a host and
peer if the host ID and peer ID each match one of the indices. If the key
is for an asymmetric authentication technique (i.e. a public key
system such as RSA), an entry with multiple indices will match a host
and peer even if only the host ID matches an index (it is presumed that the
multiple indices are all identities of the host).
It is acceptable for two entries to be the best match as
long as they agree about the secret or private key.
.LP
Authentication by preshared secret requires that both systems find the
identical secret (the secret is not actually transmitted by the IKE
protocol). If both the host and peer appear in the index list, the
same entry will be suitable for both systems so verbatim copying
between systems can be used. This naturally extends to larger groups
sharing the same secret. Thus multiple-index entries are best for PSK
authentication.
.LP
Authentication by RSA Signatures requires that each host have its own private
key. A host could reasonably use a different private keys
for different interfaces and for different peers. But it would not
be normal to share entries between systems. Thus thus no-index and
one-index forms of entry often make sense for RSA Signature authentication.
.LP
The key part of an entry may start with a token indicating the kind of
key. ``RSA'' signifies RSA private key and ``PSK'' signifies
PreShared Key (case is ignored). For compatability with previous
forms of this file, PSK is the default.
.LP
A preshared secret is most conveniently represented as a sequence of
characters, delimited by the double-quote
character (\fB"\fP). The sequence cannot contain a newline or
double-quote. Strictly speaking, the secret is actually the sequence
of bytes that is used in the file to represent the sequence of
characters (excluding the delimiters).
A preshared secret may also be represented, without quotes, in any form supported by
\fIipsec_ttodata\fP(3).
.LP
An RSA private key is a composite of eight generally large numbers. The notation
used is a brace-enclosed list of field name and value pairs (see the example above).
A suitable key, in a suitable format, may be generated by \fIipsec_rsasigkey\fP(8).
The structure is very similar to that used by BIND 8.2.2 or later, but note that
the numbers must have a ``0s'' prefix if they are in base 64. The order of
the fields is fixed.
.LP
The first token an entry must start in
the first column of its line. Subsequent tokens must be
separated by whitespace,
except for a colon token, which only needs to be followed by whitespace.
A newline is taken as whitespace, but every
line of an entry after the first must be indented.
.LP
Whitespace at the end of a line is ignored (except in the 0t
notation for a key). At the start of line or
after whitespace, \fB#\fP and the following text up to the end of the
line is treated as a comment. Within entries, all lines must be
indented (except for lines with no tokens).
Outside entries, no line may be indented (this is to make sure that
the file layout reflects its structure).
.LP
An include directive causes the contents of the named file to be processed
before continuing with the current file. The filename is subject to
``globbing'' as in \fIsh\fP(1), so every file with a matching name
is processed. Includes may be nested to a modest
depth (10, currently). If the filename doesn't start with a \fB/\fP, the
directory containing the current file is prepended to the name. The
include directive is a line that starts with the word \fBinclude\fP,
followed by whitespace, followed by the filename (which must not contain
whitespace).
.SH FILES
/etc/ipsec.secrets
.SH SEE ALSO
The rest of the FreeS/WAN distribution, in particular
\fIipsec.conf\fP(5),
\fIipsec\fP(8),
\fIipsec_newhostkey\fP(8),
\fIipsec_rsasigkey\fP(8),
\fIipsec_showhostkey\fP(8),
\fIipsec_auto\fP(8) \fB\-\-rereadsecrets\fP,
and \fIipsec_pluto\fP(8) \fB\-\-listen\fP,.
.br
BIND 8.2.2 or later, ftp://ftp.isc.org/isc/bind/src/
.SH HISTORY
Designed for the FreeS/WAN project
<http://www.freeswan.org>
by D. Hugh Redelmeier.
.SH BUGS
If an ID is \fB0.0.0.0\fP, it will match \fB%any\fP;
if it is \fB0::0\fP, it will match \fB%any6\fP.
|