[strongSwan] Host to host with certs - where to put own private key?
kman at fastmail.com
Wed Feb 13 14:03:20 CET 2019
On Wed, Feb 13, 2019, at 3:24 PM, Kostya Vasilyev wrote:
> On Wed, Feb 13, 2019, at 3:11 PM, Tobias Brunner wrote:
> > Hi Kostya,
> > > Hmm, there is no strongswan-swanctl service on Debian (buster / testing)...
> > There is if you install it .
Thank you for your help.
I now have my tunnel running from new format config.
> > > systemctl start strongswan
> > That's the legacy service provided by strongswan-starter (i.e. it starts
> > starter, which parses ipsec.conf etc.).
Now I'm wondering if it's possible to uninstall this legacy service (which supports ipsec.conf format configuration files).
apt-get remove strongswan-starter
The following packages will be REMOVED:
strongswan strongswan-charon strongswan-starter
Removing "strongswan" package seems like a bad idea.
Guess I should keep "strongswan" and just remove my "old" (ipsec.conf format) files?
Anything else I can uninstall if I don't need support of "legacy" format files?
More information about the Users