
Re: PGP/IPsec



Yes, it's possible.  If you are just doing host to host, you don't even need
the commercial version.  I've used the Mac client to connect to a secure
OpenBSD machine.  You'll need to go through the archives of this list (and
misc??) and look for messages from Patrick Ethier (PGP should also be in the
subject).  It's not that difficult; if you still have problems, send me an
e-mail.

Luke

----- Original Message -----
From: Paul Civati <paul@xciv.org>
To: <tech@openbsd.org>
Sent: Saturday, February 12, 2000 9:47 AM
Subject: PGP/IPsec


>
> One of my users has PGP (commercial from McAfee, PGP for Personal Privacy
> 6.5.1) for his Mac and has asked me about IPsec capability.
>
> I have read ipsecadm(8) and vpn(8), but am unclear as to how much
> configuration is required to make this work, if at all.
>
> The example is for a subnet<->subnet VPN, whereas all we require is
> a single (dynamic, which will complicate things) IP to a single IP
> secure connection.
>
> Has anyone done this successfully?
>
> Do I just need to do as per vpn(8) or can it be simpler than that?
>
> His configuration supports:
>
>   Ciphers: CAST or 3DES
>   Hashes: Sha1 or MD5
>   Diffie-Hellman: 1024 or 1536 bits
>   Compression: LZS or Deflate
>   Authentication via PGP key or X.509
>
> -Paul-
>