[strongSwan] diffie hellman or RSA

nima chavooshi nima0102 at gmail.com
Mon Sep 26 07:28:31 CEST 2011


Hi
Then, why do i have to set certification on conn conf section for any
connection? Pki in strongswan only is used in authentication not key
exchange ?
Eexcuse me for these dummy question.

On Sunday, September 25, 2011, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:
> strongSwan exclusively uses Diffie-Hellman for key exchange. There is an
> RSA encryption variant for IKEv1 but which is rarely used at all.
>
> Regards
>
> Andreas
>
> On 09/25/2011 03:26 PM, nima chavooshi wrote:
>> Hi
>> In some documents I have read about diffie hellman and RSA. according
>> those documents usage of diffie hellman and RSA is equal, in fact, those
>> method are used for key exchange.but must only one method to be selected.
>> In StrongSwan, I have to set both RSA and diffie hellman in ike or esp
>> values. so I am a little confused.
>>
>> Thanks for any help or guidance
>
> ======================================================================
> Andreas Steffen                         andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution!                www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110926/ca90947f/attachment.html>


More information about the Users mailing list