[strongSwan] Host to host with certs - where to put own private key?
Kostya Vasilyev
kman at fastmail.com
Wed Feb 13 14:03:20 CET 2019
Tobias,
On Wed, Feb 13, 2019, at 3:24 PM, Kostya Vasilyev wrote:
> Tobias,
>
> On Wed, Feb 13, 2019, at 3:11 PM, Tobias Brunner wrote:
> > Hi Kostya,
> >
> > > Hmm, there is no strongswan-swanctl service on Debian (buster / testing)...
> >
> > There is if you install it [1].
Thank you for your help.
I now have my tunnel running from new format config.
> > > systemctl start strongswan
> >
> > That's the legacy service provided by strongswan-starter (i.e. it starts
> > starter, which parses ipsec.conf etc.).
> >
Now I'm wondering if it's possible to uninstall this legacy service (which supports ipsec.conf format configuration files).
apt-get remove strongswan-starter
The following packages will be REMOVED:
strongswan strongswan-charon strongswan-starter
Removing "strongswan" package seems like a bad idea.
Guess I should keep "strongswan" and just remove my "old" (ipsec.conf format) files?
Anything else I can uninstall if I don't need support of "legacy" format files?
-- K
More information about the Users
mailing list