[strongSwan] How to find encryption key for ikev1
Thomas Egerer
hakke_007 at gmx.de
Thu Jul 16 13:12:46 CEST 2020
Hi Yogesh,
the loglevel 3 will never reveal any keys to you. You'd need
to enable loglevel 4. An easier way is to use the save-keys
plugin. It even creates the appropriate output files to use
in wireshark. See [1] how to enable and configure it.
Thomas
[1] https://wiki.strongswan.org/issues/3258
On 7/16/20 7:02 AM, Yogesh Purohit wrote:
> Hi,
>
> I was intending to decrypt isakmp packets for ike version 1 using wireshark.
> In wireshark it needs the Initiator cookie and encryption key to decrypt the packets.
>
> I have enabled debug logs by adding: enc = 3 in strongswan.conf file.
> I followed this link https://osqa-ask.wireshark.org/questions/12019/how-can-i-decrypt-ikev1-andor-esp-packets
> But this was used when strongswan used Pluto daemon but now Charon is being used.
>
> So how to identify the initiator cookie and encryption key from logs for ike version 1.
>
> Thanks
>
> --
> Best Regards,
>
> Yogesh Purohit
More information about the Users
mailing list