[strongSwan-dev] How to dump the SK_ei, SK_er, SK_ai, SK_ar of the IKE_SA
andreas.steffen at strongswan.org
Wed Mar 31 07:05:23 CEST 2010
with the ipsec.conf setting
SK_ei, SK_er, SK_ai, SK_ar are written to the log.
As an alternative the command
ipsec stroke loglevel ike 4
achieves the same when the charon daemon is already running.
Aaron Zhang wrote:
> Hi all.
> Are there any ways to dump the SK_ei, SK_er, SK_ai, SK_ar of the IKE_SA
> which are useful to decrypt the IKE_AUTH packet with wireshark.
> I set the debug as 4 for all debug type. But there are not such information.
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3430 bytes
Desc: S/MIME Cryptographic Signature
More information about the Dev