<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:10px"><div dir="ltr" id="yui_3_16_0_1_1438680000504_19523"><span>Thanks Tobias,</span></div><div id="yui_3_16_0_1_1438680000504_19722" dir="ltr"><br><span></span></div><div id="yui_3_16_0_1_1438680000504_19524" dir="ltr"><span id="yui_3_16_0_1_1438680000504_19525">I was under the impression authby=secret will be same as left|rightauth=psk. <br></span></div><div id="yui_3_16_0_1_1438680000504_20241" dir="ltr"><span id="yui_3_16_0_1_1438680000504_19525">Thanks for your perfect shot.</span></div><div id="yui_3_16_0_1_1438680000504_20242" dir="ltr"><br><span id="yui_3_16_0_1_1438680000504_19525"></span></div><div id="yui_3_16_0_1_1438680000504_20243" dir="ltr"><span id="yui_3_16_0_1_1438680000504_19525">Regards</span></div><div id="yui_3_16_0_1_1438680000504_20244" dir="ltr"><span id="yui_3_16_0_1_1438680000504_19525">Ashok</span></div> <br><div class="qtdSeparateBR"><br><br></div><div style="display: block;" class="yahoo_quoted"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 10px;"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;"> <div dir="ltr"> <font face="Arial" size="2"> On Tuesday, 4 August 2015 2:22 PM, Tobias Brunner <tobias@strongswan.org> wrote:<br> </font> </div> <br><br> <div class="y_msg_container">Hi Ashok,<br clear="none"><br clear="none">> I am trying to establish simple PSK IPSec session between 2 ubuntu systems.<br clear="none">><br clear="none">> ...<br clear="none">> Aug 3 19:15:55 user-Lenovo-Product charon: 14[IKE] no private key found for 'moon.strongswan.org'<br clear="none">> ...<br clear="none">> <br clear="none">> May I know what am I missing?<br clear="none"><br clear="none">A lesson in reading the log and status output perhaps ;-) The log<br clear="none">message above indicates that the daemon does not find a _private_ key,<br clear="none">not a _shared_ key. That's because the connection is set to use public<br clear="none">key authentication, not pre-shared key authentication, as can be seen in<br clear="none">the output here:<br clear="none"><br clear="none">> <a shape="rect" ymailto="mailto:root@user-Lenovo-Product" href="mailto:root@user-Lenovo-Product">root@user-Lenovo-Product</a>:/home/user# ipsec statusall<br clear="none">> ...<br clear="none">> home: 192.168.1.5...192.168.1.16 IKEv1/2<br clear="none">> home: local: [moon.strongswan.org] uses public key authentication<br clear="none">> home: remote: [<a shape="rect" ymailto="mailto:ashok@strongswan.org" href="mailto:ashok@strongswan.org">ashok@strongswan.org</a>] uses public key authentication<br clear="none"><br clear="none">This is, of course, due to the `left|rightauth=psk` options you<br clear="none">commented out in ipsec.conf (the default is `pubkey`):<div class="yqt0824692957" id="yqtfd84435"><br clear="none"><br clear="none">> conn home<br clear="none">> left=192.168.1.5<br clear="none">> leftid=@moon.strongswan.org<br clear="none">> # leftauth=psk<br clear="none">> # leftauth=pubkey<br clear="none">> leftsubnet=192.168.1.5/32<br clear="none">> leftfirewall=yes<br clear="none">> right=192.168.1.16<br clear="none">> rightid=<a shape="rect" ymailto="mailto:ashok@strongswan.org" href="mailto:ashok@strongswan.org">ashok@strongswan.org</a><br clear="none">> rightsubnet=192.168.1.16/32<br clear="none">> # rightauth=psk<br clear="none">> ike=3des-md5-modp768!<br clear="none">> esp=aes128-sha1-modp1024!<br clear="none">> # auto=add<br clear="none">> auto=start<br clear="none"><br clear="none">Regards,</div><br clear="none">Tobias<div class="yqt0824692957" id="yqtfd40346"><br clear="none"><br clear="none"></div><br><br></div> </div> </div> </div></div></body></html>