index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sbin
/
iked
/
iked.conf.5
Age
Commit message (
Expand
)
Author
2022-07-22
add missing full stop;
Jason McIntyre
2022-07-22
Include an OpenIKED Vendor ID payload in the initial handshake. This will
Tobias Heider
2022-04-13
Document sntrup761x25519 key exchange.
Tobias Heider
2022-02-06
remove please from manual pages
Jonathan Gray
2021-11-13
The key/nonce disclaimers were copied from ipsec.conf.5 but aren't relevant
Tobias Heider
2021-11-09
Use more sensible transforms in example config.
Tobias Heider
2021-11-05
Clarify iface option.
Tobias Heider
2021-11-04
Clarify "aes" will accept keys which length is in 128:256 bits. Also
YASUOKA Masahiko
2021-10-26
Make proto config option accept a list to allow specifying multiple
Tobias Heider
2021-08-03
Increase default data bytes limit for Child SAs to 4 GB.
tobhe
2021-04-11
Document 'request' option to request additional configuration payloads.
tobhe
2021-02-13
Add dynamic address configuration for roadwarrior clients.
tobhe
2021-01-24
hmac-sha2-384 and hmac-sha2-512 are enabled by default.
tobhe
2021-01-23
Fix typos.
tobhe
2020-12-28
Add back keyword "any" to match any IP address, which actually works
tobhe
2020-12-11
The keyword "any" does not actually work properly for traffic selectors.
tobhe
2020-11-15
Document new 'dynamic' keyword to create flows from or to a dynamically
tobhe
2020-09-23
Add new 'set cert_partial_chain' config option to allow verification of
tobhe
2020-08-26
Allow disabling DPD liveness checks by setting dpd_check_interval to 0.
tobhe
2020-08-25
Add dpd_check_interval configuration option. If for any IKE SA no IPsec
tobhe
2020-08-23
Add a new configuration option to limit the number of connections for
tobhe
2020-08-21
Use trusted CA from /etc/iked/ca/ as OCSP issuer to get rid of
tobhe
2020-08-18
Add optional time-stamp validaten for ocsp. The new optional 'tolerate'
tobhe
2020-07-21
Provide GRE over transport mode example
kn
2020-07-10
table fix;
Jason McIntyre
2020-07-10
Document which crypto transforms are enabled by default.
tobhe
2020-05-26
Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.
tobhe
2020-05-01
Clarify global 'set active' and 'set passive' options and how they
tobhe
2020-04-28
Remove support for insecure EC2N groups. Clarify which Diffie-Hellman
tobhe
2020-04-27
Add curve25519 IANA group number.
tobhe
2020-04-23
ce examples of "Ar arg Ar arg" with "Ar arg arg" and stop the spread;
Jason McIntyre
2020-04-23
Add support for switching rdomain on IPsec encryption/decryption.
tobhe
2020-02-21
Add transport mode for child SAs. This is useful for GRE over IPsec and
tobhe
2020-02-16
Quote variables in pf tag strings
kn
2020-02-10
briefly mention /etc/examples/ in the FILES section of all the
Ingo Schwarze
2019-12-01
Explain how ipcomp can be enabled.
tobhe
2019-11-12
fix a formatting warning;
Jason McIntyre
2019-11-12
Add configuration options to explicitly specify ESN support for child SAs.
tobhe
2019-08-24
Clarify "protected-subnet" option.
tobhe
2019-08-16
Add explanation for the [IKE/ESP only] column of the transform table.
tobhe
2019-05-11
Add support for IKEv2 Message Fragmentation as defined in RFC 7383.
Patrick Wildt
2019-04-02
When curve25519 was added to iked, it was based on the internet-draft and
Stuart Henderson
2018-01-31
Add support for specifying multiple transforms within a single proposal.
Patrick Wildt
2018-01-24
Implement support for specifying multiple proposals. This means we can
Patrick Wildt
2017-11-27
Implement MOBIKE (RFC 4555) support in iked(8), with us acting as
Patrick Wildt
2017-06-01
Expand $eapid in iked tags, allowing PF rules to be written based on EAP
Stuart Henderson
2017-03-27
correct verb pattern;
Jason McIntyre
2017-03-27
Add support for RFC4754 (ECDSA) and RFC7427 authentication.
Reyk Floeter
2017-03-13
Clarify iked.conf(5) manpage in regards to IP compression.
Patrick Wildt
2017-01-04
Remove modular exponential groups specified in RFC5114
Mike Belopuhov
[next]