summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/isakmpd.conf.5
AgeCommit message (Collapse)Author
2002-06-09rm trailing whitespaceTodd T. Fries
2002-04-10Document IKE mode-cfg config. deraadt@ ok.Hakan Olsson
2002-03-01Update to reflect recent changes in DH group handling. Remove BUGSHakan Olsson
section.
2001-12-21Initial patch for a new mdoc issue.Mike Pechkin
Powered by @mantoya: o) kill extra line in the end of file; o) kill extra space in the end of line; o) replace blank lines with .Pp; millert@ ok
2001-12-13o) start new sentence on a new line;Mike Pechkin
o) wrap long lines; o) fix bogus .Xr usage; o) we don't like blank lines; o) always close .Bl tags; o) OpenBSD -> .Ox; o) don't like .Pp before .Ss; millert@ ok;
2001-12-10Mention that SIGHUP will cause isakmpd to reread isakmpd.confHakan Olsson
2001-10-11Fix various bugs in the example configuration. Most entries areHakan Olsson
"pregenerated", so indicate which aren't. 'Default-phase-N-lifetime' replaces LIFE_nnn_SECS.
2001-10-04IPv6 type addresses and nets are supported now. Some style fixes.Hakan Olsson
Also add a BUGS section describing why combining predefined MD5 and SHA suites in the same quick-mode proposal will currently not work.
2001-08-15Support trusted public (RSA) keys as files too. niklas@ ok.Hakan Olsson
2001-08-02Let the example config use suites that actually work together.Hakan Olsson
2001-07-04Some text on KEY_ID payloads.Angelos D. Keromytis
2001-06-27Consistently use "IPsec" capitalization (jsyn@nthought.com)Angelos D. Keromytis
2001-06-05Remove BUGS section, as the only bug mentioned there was removedAngelos D. Keromytis
earlier today :-)
2001-05-05Document default-phase2-suites tag.Angelos D. Keromytis
2001-04-30Add a FILES section describing default and sample file locations.Hakan Olsson
2001-04-05Style.Hakan Olsson
2001-03-07Add KEY_ID support (mostly from roland@digitalvampire.org)Angelos D. Keromytis
2001-01-27(c) 2001Niklas Hallqvist
2001-01-26Merge with EOM 1.57Niklas Hallqvist
author: ho Lifetime is KILOBYTES not BYTES. Noticed by <jj@dynarc.se>
2000-12-15.Sh EXAMPLE -> .Sh EXAMPLES. Even if there's only one example, at leastAaron Campbell
this is consistent.
2000-12-12Merge with EOM 1.55Niklas Hallqvist
author: angelos Add Default-phase-1-ID tag in [General], and document its use. author: angelos isakmpd can now negotiate transport protocol/ports (either through the configuration file or through kernel ACQUIREs).
2000-11-23Merge with EOM 1.53Niklas Hallqvist
author: niklas sync with OpenBSD
2000-11-09Remove -offset indent so these lines don't wrap over 80 chars; deraadt@Aaron Campbell
2000-10-16Merge with EOM 1.52Niklas Hallqvist
author: niklas heh, backspace as a continuation character, yeah right! author: angelos Mention Remote-ID tag in ISAKMP-peer section, and also that it doesn't currently work. author: angelos It's "Local-address", not "Listen-address" in the ISAKMP-peer section. author: angelos Mention RIPEMD.
2000-10-09samples/VPN-3way-template.conf: Merge with EOM 1.8Niklas Hallqvist
samples/VPN-east.conf: Merge with EOM 1.12 samples/VPN-west.conf: Merge with EOM 1.13 samples/policy: Merge with EOM 1.6 samples/singlehost-west.conf: Merge with EOM 1.9 samples/singlehost-east.conf: Merge with EOM 1.9 conf.c: Merge with EOM 1.37 ipsec.c: Merge with EOM 1.133 ipsec_num.cst: Merge with EOM 1.4 isakmpd.conf.5: Merge with EOM 1.48 isakmpd.policy.5: Merge with EOM 1.21 policy.c: Merge with EOM 1.46 author: angelos AES support.
2000-10-07conf.h: Merge with EOM 1.13Niklas Hallqvist
gmp_util.c: Merge with EOM 1.7 isakmpd.conf.5: Merge with EOM 1.47 author: ho (c)-2000
2000-08-03Merge with EOM 1.46Niklas Hallqvist
author: ho Mention 'Default' tag in Phase 1 section, modify peer tag descriptions to match. Phase 1 peer transport 'udp' is now a default value. The 'Stayalive' flag died long ago, remove it from the example. Also remove reference to the likewise dead 'Next-hop' tag. Some minor cleanup.
2000-06-08Merge with EOM 1.45Niklas Hallqvist
author: angelos Some more text. author: angelos Allow exchange of KeyNote credentials over IKE. Multiple credentials may be passed in a single CERT payload. KeyNote is used if a directory named as the local ID we use in an exchange exists in the KeyNote directory (default: /etc/isakmpd/keynote/). Note that asymmetric credentials are possible (use KeyNote in one direction and X509 in the other); such authentication is envisioned to be the most common: the clients will use KeyNote credentials to authenticate and authorize with a server, whilst the server will just provide an X509 certificate proving its binding to the IP address or ID. Totally asymmetric authentication (e.g., shared key in one direction, RSA in the other) is not supported by the IKE protocol. author: ho Update re DOI:IPSEC and default p1/p2 lifetimes.
2000-05-02Merge with EOM 1.42Niklas Hallqvist
author: ho Add initial text on auto-generated parts of the configuration. Reorder example somewhat. author: niklas Doc fixes from OpenBSD
2000-04-12Trailing whitespace begone!Aaron Campbell
2000-04-07apps/certpatch/certpatch.8: Merge with EOM 1.5Niklas Hallqvist
isakmpd.8: Merge with EOM 1.20 isakmpd.conf.5: Merge with EOM 1.40 isakmpd.policy.5: Merge with EOM 1.13 author: niklas Changes from OpenBSD
2000-04-07Merge with EOM 1.39Niklas Hallqvist
author: angelos Add text on CAs and policies.
2000-03-23More pedantic man page formatting insanity, lalalaAaron Campbell
2000-03-22Add some text about CA certificates and policies (suggested by PaulAngelos D. Keromytis
Hoffman).
2000-03-18Remove hard sentence breaks, and some other cleanup along the way.Aaron Campbell
2000-01-31ike_quick_mode.c: Merge with EOM 1.109Niklas Hallqvist
isakmpd.conf.5: Merge with EOM 1.38 message.c: Merge with EOM 1.142 pf_key_v2.c: Merge with EOM 1.35 x509.c: Merge with EOM 1.31 author: niklas (c) 2000
2000-01-26Merge with EOM 1.37Niklas Hallqvist
date: 2000/01/25 11:19:34; author: niklas; state: Exp; lines: +3 -3 useable->usable; from openbsd author: angelos Oops on previous PFS-policy patch. Small fixes in the manpages. author: angelos Default value for policy-file.
2000-01-22Spell it "usable", not "useable", for consistency across the man pages.Aaron Campbell
1999-10-01Merge with EOM 1.34Niklas Hallqvist
author: niklas Typo fix from alex@openbsd.org author: angelos Allow "Life" to be ANY author: angelos Allow "ANY" in some fields
1999-09-23Typo fixes.Alex Feldman
1999-08-26Merge with EOM 1.31Niklas Hallqvist
author: angelos Document the ID section/tag for Phase 1 exchanges.
1999-07-18Merge with EOM 1.30Niklas Hallqvist
author: niklas More sync with OpenBSD version
1999-07-18samples/VPN-east.conf: Merge with EOM 1.7Niklas Hallqvist
samples/VPN-west.conf: Merge with EOM 1.7 samples/singlehost-west.conf: Merge with EOM 1.4 samples/singlehost-east.conf: Merge with EOM 1.4 README.PKI: Merge with EOM 1.3 ike_auth.c: Merge with EOM 1.33 isakmpd.conf.5: Merge with EOM 1.28 author: niklas Moving the PRIVKEY tag into the X509-certificates section, renaming it to Private-key. Also rename the keynote policy file.
1999-07-17regress/rsakeygen/Makefile: Merge with EOM 1.4Niklas Hallqvist
regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8 regress/x509/Makefile: Merge with EOM 1.6 regress/x509/x509test.c: Merge with EOM 1.6 regress/Makefile: Merge with EOM 1.8 samples/VPN-east.conf: Merge with EOM 1.6 samples/VPN-west.conf: Merge with EOM 1.6 samples/singlehost-east.conf: Merge with EOM 1.3 samples/singlehost-west.conf: Merge with EOM 1.3 sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5 x509.h: Merge with EOM 1.6 x509.c: Merge with EOM 1.17 DESIGN-NOTES: Merge with EOM 1.46 Makefile: Merge with EOM 1.55 cert.c: Merge with EOM 1.11 cert.h: Merge with EOM 1.6 exchange.c: Merge with EOM 1.109 exchange.h: Merge with EOM 1.26 ike_auth.c: Merge with EOM 1.32 ike_phase_1.c: Merge with EOM 1.7 init.c: Merge with EOM 1.16 isakmpd.conf.5: Merge with EOM 1.27 README.PKI: Merge with EOM 1.1 author: niklas From Niels Provos, edited by me: certificate support using SSLeay
1999-07-09- remove all trailing whitespaceAaron Campbell
* except when it is escaped with a `\' at the end of the line - fix remaining .Nm usage as well - this is from a patch I received from kwesterback@home.com, who has been working on some scripts for fixing formatting errors in mdoc'd man pages Ok, so there could be a cost/benefit debate with this commit, but since I have the patch we might as well commit it...
1999-07-07Merge with EOM 1.26Niklas Hallqvist
author: niklas Merge in fixes done in the OpenBSD tree author: ho Add keynote policy-file. author: ho No more Stayalive-flag.
1999-07-03remove redundant .Pp macrosAaron Campbell
1999-06-02Merge with EOM 1.23Niklas Hallqvist
author: niklas Doc fixes from OpenBSD author: niklas Some extra error checking, documentation and style wrt connections author: niklas Initial text for Passive-Connections author: niklas Doc fix from OpenBSD
1999-05-16Cleanup xrefs under SEE ALSO. Specifically:Alex Feldman
- Sort xrefs by section, and then alphabetically. - Add missing commas between xref items. - Remove commas from the last xref entry. - Remove duplicate entries.
1999-05-01sysdep/openbsd/sysdep.c: Merge with EOM 1.7Niklas Hallqvist
DESIGN-NOTES: Merge with EOM 1.42 Makefile: Merge with EOM 1.51 app.c: Merge with EOM 1.6 conf.c: Merge with EOM 1.18 init.c: Merge with EOM 1.14 isakmpd.conf.5: Merge with EOM 1.19 pf_encap.c: Merge with EOM 1.64 pf_encap.h: Merge with EOM 1.12 pf_key_v2.h: Merge with EOM 1.3 sysdep.h: Merge with EOM 1.16 transport.c: Merge with EOM 1.40 ui.c: Merge with EOM 1.32 author: niklas A new connection abstraction
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-11 07:50:44 +0000