[strongSwan] multiple PSKs at the same time for the same server

Matthew Boedicker mboedicker at pivotal.io
Sat Nov 21 01:03:13 CET 2015


We have multiple hosts all using the same PSK. Currently the secrets file
looks like this:

: PSK "secret"

We tried adding a second key but only one of the keys worked:

: PSK "secret"
: PSK "secret2"

strongSwan is being used to encrypt all traffic within a subnet using a
shared PSK (with a few passthrough exceptions). We want to update the key
by adding the new PSK to every server, then doing another update that
removes the old key. This is so that there is no point in time at which two
of the servers cannot talk.

Is there any way to do this with strongSwan?

Thanks.