[strongSwan] IKEV2 Support for 96-bit HMAC-SHA-256

chinna obireddy chinnaobi at gmail.com
Thu Nov 4 22:05:24 CET 2021

Hi Tobias,

After disabling the pfkey plugin compilation sha256_96=yes worked. I was
able to see the key length 96 bit using the command "ip xfrm state"

Thanks for the support.


On Wed, Oct 27, 2021 at 11:10 AM Tobias Brunner <tobias at strongswan.org>

> Hi Obi,
> > Is there a way to check
> > this during runtime?
> ipsec statusall
> > How to go about from here if pfkey is used to support the
> > AUTH_HMAC_SHA2_256_96 algorithm?
> Disable it, you don't want to use it on Linux.
> Regards,
> Tobias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20211104/38de7162/attachment.html>

More information about the Users mailing list