summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason McIntyre <jmc@cvs.openbsd.org>2006-09-07 09:57:03 +0000
committerJason McIntyre <jmc@cvs.openbsd.org>2006-09-07 09:57:03 +0000
commitb5dfdb3a2efdb6254a71b6a2a4c52d1e28262e79 (patch)
tree719fadb05d60e69c0e6a623cb9ad581f0fd59ffc
parent64a878a1d971ecc4485a1fb40c1f37713aa5b5da (diff)
move all the auth/enc/group stuff into one definitive section;
help from ho hshoexer
-rw-r--r--sbin/ipsecctl/ipsec.conf.5215
1 files changed, 85 insertions, 130 deletions
diff --git a/sbin/ipsecctl/ipsec.conf.5 b/sbin/ipsecctl/ipsec.conf.5
index 37dbad3cfe4..a9def68c2ce 100644
--- a/sbin/ipsecctl/ipsec.conf.5
+++ b/sbin/ipsecctl/ipsec.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ipsec.conf.5,v 1.85 2006/09/06 11:40:33 jmc Exp $
+.\" $OpenBSD: ipsec.conf.5,v 1.86 2006/09/07 09:57:02 jmc Exp $
.\"
.\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved.
.\"
@@ -264,99 +264,51 @@ specification can be left out.
.Ic enc Ar algorithm
.Ic group Ar group
.Xc
-These parameters define the cryptographic transforms to be used for main mode.
+These parameters define the cryptographic transforms to be used for
+main mode.
Possible values for
-.Ic auth
-are
-.Ar hmac-md5 ,
-.Ar hmac-sha1 ,
-.Ar hmac-sha2-256 ,
-.Ar hmac-sha2-384 ,
+.Ic auth ,
+.Ic enc ,
and
-.Ar hmac-sha2-512 .
-For
-.Ic enc
-the values
-.Ar des ,
-.Ar 3des ,
-.Ar aes ,
-.Ar blowfish ,
-and
-.Ar cast
-are allowed.
-For
.Ic group
-the values
-.Ar modp768 ,
-.Ar modp1024 ,
-.Ar modp1536 ,
-.Ar modp2048 ,
-.Ar modp3072 ,
-.Ar modp4096 ,
-.Ar modp6144 ,
-and
-.Ar modp8192
-are allowed.
+are described below in
+.Sx CRYPTO TRANSFORMS .
+.Pp
If omitted,
.Xr ipsecctl 8
will use the default values
.Ar hmac-sha1 ,
.Ar aes ,
-and group
+and
.Ar modp1024 .
.It Xo
.Ic quick auth Ar algorithm
.Ic enc Ar algorithm
.Ic group Ar group
.Xc
-Similar to
-.Ic main ,
-.Ic quick
-defines the transforms to be used for quick mode.
-However, the possible values for
-.Ic auth
-are
-.Ar hmac-md5 ,
-.Ar hmac-sha1 ,
-.Ar hmac-ripemd160 ,
-.Ar hmac-sha2-256 ,
-.Ar hmac-sha2-384 ,
-and
-.Ar hmac-sha2-512 .
-For
-.Ic enc
-valid values are
-.Ar des ,
-.Ar 3des ,
-.Ar aes ,
-.Ar aesctr ,
-.Ar blowfish ,
+These parameters define the cryptographic transforms to be used for
+quick mode.
+Possible values for
+.Ic auth ,
+.Ic enc ,
and
-.Ar cast .
-For
.Ic group
-the values
-.Ar modp768 ,
-.Ar modp1024 ,
-.Ar modp1536 ,
-.Ar modp2048 ,
-.Ar modp3072 ,
-.Ar modp4096 ,
-.Ar modp6144 ,
-.Ar modp8192 ,
-and
-.Ar none
-are allowed.
-When a group is specified perfect forward security (PFS) will be used.
-When the value
+are described below in
+.Sx CRYPTO TRANSFORMS .
+If
+.Ic group
+is specified,
+Perfect Forward Security (PFS) is used.
+If the value
.Ar none
-is used, PFS will be disabled.
-If no quick mode transforms are specified,
-the default values
+is used, PFS is disabled.
+.Pp
+If omitted,
+.Xr ipsecctl 8
+will use the default values
.Ar hmac-sha2-256
and
-.Ar aes
-are used;
+.Ar aes ;
PFS will only be used if the remote side requests it.
.It Ic srcid Ar string Ic dstid Ar string
.Ic srcid
@@ -548,12 +500,9 @@ Enter a TCP MD5 SA.
The commands are as follows:
.Bl -tag -width xxxx
.It Ar mode
-For
-.Ic esp
-and
-.Ic ah ,
+For ESP and AH
.\".Ic ipcomp
-the encapsulation mode to be used can be specified.
+the encapsulation mode can be specified.
Possible modes are
.Ar tunnel
and
@@ -575,19 +524,11 @@ The SPI identifies a specific SA.
.Ar number
is a 32-bit value and needs to be unique.
.It Ic auth Ar algorithm
-For both
-.Ic esp
-and
-.Ic ah
+For ESP and AH
an authentication algorithm can be specified.
-Possible algorithms are
-.Ar hmac-md5 ,
-.Ar hmac-ripemd160 ,
-.Ar hmac-sha1 ,
-.Ar hmac-sha2-256 ,
-.Ar hmac-sha2-384 ,
-and
-.Ar hmac-sha2-512 .
+Possible values
+are described below in
+.Sx CRYPTO TRANSFORMS .
.Pp
If no algorithm is specified,
.Xr ipsecctl 8
@@ -609,19 +550,11 @@ by default.
.\".Xr hifn 4
.\"because of the patent held by Hifn, Inc.
.It Ic enc Ar algorithm
-For
-.Ic esp
-an encryption algorithm needs to be specified.
-Possible algorithms are
-.Ar 3des-cbc ,
-.Ar des-cbc ,
-.Ar aes ,
-.Ar aesctr ,
-.Ar blowfish ,
-.Ar cast128 ,
-.Ar null ,
-and
-.Ar skipjack .
+For ESP
+an encryption algorithm can be specified.
+Possible values
+are described below in
+.Sx CRYPTO TRANSFORMS .
.Pp
If no algorithm is specified,
.Xr ipsecctl 8
@@ -668,17 +601,42 @@ The mechanism of protecting
.Xr tcp 4
sessions using MD5 is described in RFC 2385.
.El
-.Sh CRYPTO KEY SIZE
-Different cipher types may require different sized keys:
+.Sh CRYPTO TRANSFORMS
+It is very important that keys are not guessable.
+One practical way of generating keys is to use
+.Xr openssl 1 .
+The following generates a 160-bit (20-byte) key:
+.Bd -literal -offset indent
+$ openssl rand 20 | hexdump -e '20/1 "%02x"'
+.Ed
+.Pp
+The following authentication types are permitted with the
+.Ic auth
+keyword:
+.Pp
+.Bl -column "authenticationXX" "Key Length" -offset indent -compact
+.It Em Authentication Key Length
+.It Li hmac-md5 Ta "128 bits"
+.It Li hmac-ripemd160 Ta "160 bits" Ta "[quick mode only]"
+.It Li hmac-sha1 Ta "160 bits"
+.It Li hmac-sha2-256 Ta "256 bits"
+.It Li hmac-sha2-384 Ta "384 bits"
+.It Li hmac-sha2-512 Ta "512 bits"
+.El
+.Pp
+The following cipher types are permitted with the
+.Ic enc
+keyword:
.Pp
-.Bl -column "CipherXX" "Key Length" -offset indent -compact
+.Bl -column "authenticationXX" "Key Length" -offset indent -compact
.It Em Cipher Key Length
-.It Li DES Ta "56 bits"
-.It Li 3DES Ta "168 bits"
-.It Li AES Ta "variable (128 bits recommended)"
-.It Li Blowfish Ta "variable (160 bits recommended)"
-.It Li CAST Ta "variable (128 bits maximum and recommended)"
-.It Li Skipjack Ta "80 bits"
+.It Li des Ta "56 bits"
+.It Li 3des Ta "168 bits"
+.It Li aes Ta "128 bits"
+.It Li aesctr Ta "160 bits" Ta "[quick mode only]"
+.It Li blowfish Ta "160 bits"
+.It Li cast Ta "128 bits"
+.It Li skipjack Ta "80 bits"
.El
.Pp
Use of DES or Skipjack as an encryption algorithm is not recommended
@@ -690,25 +648,22 @@ Note that DES requires 8 bytes to form a 56-bit key and 3DES requires 24 bytes
to form its 168-bit key.
This is because the most significant bit of each byte is used for parity.
.Pp
-Different authentication types may also require different sized keys:
+The following group types are permitted with the
+.Ic group
+keyword:
.Pp
.Bl -column "authenticationXX" "Key Length" -offset indent -compact
-.It Em Authentication Key Length
-.It Li HMAC-MD5 Ta "128 bits"
-.It Li HMAC-RIPEMD160 Ta "160 bits"
-.It Li HMAC-SHA1 Ta "160 bits"
-.It Li HMAC-SHA2-256 Ta "256 bits"
-.It Li HMAC-SHA2-384 Ta "384 bits"
-.It Li HMAC-SHA2-512 Ta "512 bits"
+.It Em Group Size
+.It Li modp768 Ta 768
+.It Li modp1024 Ta 1024
+.It Li modp1536 Ta 1536
+.It Li modp2048 Ta 2048
+.It Li modp3072 Ta 3072
+.It Li modp4096 Ta 4096
+.It Li modp6144 Ta 6144
+.It Li modp8192 Ta 8192
+.It Li none Ta 0 Ta [quick mode only]
.El
-.Pp
-It is very important that keys are not guessable.
-One practical way of generating keys is to use
-.Xr openssl 1 .
-The following generates a 160-bit (20-byte) key:
-.Bd -literal -offset indent
-$ openssl rand 20 | hexdump -e '20/1 "%02x"'
-.Ed
.Sh SEE ALSO
.Xr openssl 1 ,
.\".Xr ipcomp 4 ,