[strongSwan] Where does strongswan get it's DH parameters from?
Andreas Steffen
andreas.steffen at strongswan.org
Sun Mar 8 17:02:57 CET 2015
Hi,
the Diffie-Hellman group to be used is negotiated between the two
endpoints.For each IKE SA the DH public factor is computed anew so that
no static parameters are stored in a file.
Hope this helps
Andreas
On 07.03.2015 20:54, G. wrote:
> I had an openvpn server running in the past and the server and users all
> needed DH parameters to be generated to a file, which took a long time
> to generate in each instance. I am curious since my current server
> config strictly uses DH group 21 (ecp521), though I have never generated
> any DH parameter files or elliptic curve private/public key files.
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150308/79e4f570/attachment.bin>
More information about the Users
mailing list