[strongSwan] recurring problem of PSK, but cannot spot the error

Noel Kuntze noel at familie-kuntze.de
Wed Nov 20 20:22:59 CET 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Ilyas,

You need to put "s around the password.

Regards
Noel Kuntze

On 20.11.2013 20:21, ilyas Guennoun wrote:
> So I set debug level to 4 for ike, kernel, config and network
>
> I removed the ids to keep the minimum configuration (for better understanding) so I used IP adresses only.
> conn cisco_home
>         left=192.168.168.152
>         leftsubnet=169.254.229.0/24
>         leftauth=psk
>         right=192.168.168.161
>         rightsubnet=192.168.15.0/24
>         rightauth=psk
>         type=tunnel
>         ike=aes128-sha1-modp1024
>         esp=aes128-sha1
>         auto=add
>
> and ipsecure.secrets
> 192.168.168.152 192.168.168.161 : PSK password
> include /var/lib/strongswan/ipsec.secrets.inc
>
>
> BUT, i have the error when removing the quotes
> $ ipsec secrets
> 002 loading secrets from "/etc/ipsec.secrets"
> 002   loaded PSK secret for 192.168.168.152 192.168.168.161
> 003 "/etc/ipsec.secrets" line 10: PSK data malformed (input does not begin with format prefix): password
> 002 loading secrets from "/var/lib/strongswan/ipsec.secrets.inc"
>
> the version I am using
> $ ipsec version
> Linux strongSwan U4.5.2/K3.2.0-29-generic-pae
>
> latest in ubuntu repo
> *
>
>
> From:* Izz Abdullah <izz.abdullah at wepanow.com>
> *Sent:* Wednesday, November 20, 2013 10:52
> *To:* users at lists.strongswan.org <users at lists.strongswan.org>
> *Subject: *Re: [strongSwan] recurring problem of PSK, but cannot spot the error
>
> I ran into this same problem when I first setup strongSwan.  The ipsec.secrets file is in the format like so:
> RemoteID : PSK PSK_VALUE
> 192.168.168.161 : PSK password
> No need for quotes, and since your ID of the remote peer is the same as the IP, then the above should work.
>
>
> *Izz Abdullah*
> /Senior Systems Engineer/
> Izz.Abdullah at wepanow.com <mailto:izz.abdullah at wepanow.com>
> 205.605.6039 Office
> 800.675.7639 Toll Free
> www.wepanow.com
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJSjQwTAAoJEDg5KY9j7GZYLhgP/RVX2PH74O1nu7ftI97/PFc7
OHSMXdDsfcld0QzKGDzQBKMKERFuRE688au7xPtpkno8S070eVSZmtSLrRbZDGJk
5hE8idCQ6H1vR/cSlxCt5XQodLt7/1haQgHFKZfTsITVEjyQhZhojtjG7VoZF5nk
jeyKcf/r9trazcdSFgElDSggyOUvb3MqootqWw1S/j9iSLoILLLdHnpVEWZvSrql
QaanSNPEMOwH09GK0zhc838A4rSCYAAwF31ZZR4x8CcN0wr01x20DncvzdQ7S0BT
z1AeHyPQFVuODGx9eltlgK15PytBgNQ1hJnG0rNXDum7xOVYU9vpd8Xvampw0T1y
Y2aV2gjU/94IgMrDSPaODh2llYlqjbvEAQJOTZ12w34+5tg4LcyAEFqQwQelmbyk
x3egYQjf4fzkT/4bhdsfiG7HEp2QF/CL+oYv+VZeH7r4/L2Wdpe43SeELfxpo7VW
bDC4vwVzj1bsKB2kiT4hTWmvVeM41k/dUdnmFr0C+CQQ48VyCBgL82oYPF4XbC/J
Df+PSLav7em+ossMsq50EWa22btm3DaAKsWp7oy+vSlc8lMrVHs+jk3J4hFKiP5B
PBhKXUfu36jLckNi7vqZVAXnNaTOuP6pdm1+L/3LKNLNuSZBfYKVDtOxliQoV8+Y
9LSJ3pnp1Zx4cKPHr/zW
=6HV0
-----END PGP SIGNATURE-----

More information about the Users mailing list