diff options
| author | Jason McIntyre <jmc@cvs.openbsd.org> | 2005-08-23 15:02:32 +0000 |
|---|---|---|
| committer | Jason McIntyre <jmc@cvs.openbsd.org> | 2005-08-23 15:02:32 +0000 |
| commit | 3d6df7329ef51309734bd31d417dba2dac4b0a15 (patch) | |
| tree | cb4b13274b5cd9e88f74c8327fa1c74c586c3616 /sbin | |
| parent | 398f049f5ad1c17e67467d44e555dae7f096771f (diff) | |
note that RSA_SIG should be part of the "Transforms" tag when setting
up key- and cert-based authentication;
problem found by andrew fresh;
help/ok hshoexer@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/isakmpd/isakmpd.8 | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/sbin/isakmpd/isakmpd.8 b/sbin/isakmpd/isakmpd.8 index ec8eb52d96d..16c39aa5ead 100644 --- a/sbin/isakmpd/isakmpd.8 +++ b/sbin/isakmpd/isakmpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.8,v 1.81 2005/06/04 17:22:42 hshoexer Exp $ +.\" $OpenBSD: isakmpd.8,v 1.82 2005/08/23 15:02:31 jmc Exp $ .\" $EOM: isakmpd.8,v 1.23 2000/05/02 00:30:23 niklas Exp $ .\" .\" Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. @@ -481,6 +481,20 @@ See .Sx KEYNOTE AUTHENTICATION below. .El +.Pp +When configuring +.Nm +for key- and certificate-based authentication, +the +.Dq Transforms +tag in +.Xr isakmpd.conf 5 +should include +.Dq RSA_SIG . +For example, the transform +.Dq 3DES-SHA-RSA_SIG +means: +3DES encryption, SHA hash, authentication using RSA signatures. .Sh PUBLIC KEY AUTHENTICATION It is possible to store trusted public keys to make them directly usable by |