[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Possible error in vpn(8) man page

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Possible error in vpn(8) man page
From: "Will H. Backman" <whb_(_at_)_ceimaine_(_dot_)_org>
Date: Fri, 23 Dec 2005 12:27:55 -0500

According to the vpn(8) man page: Paragraph just before section header for Creating IPsec Flows [manual keying]

"Note that when no authentication and encryption algorithms are defined, ipsecctl(8) will automatically use HMAC-SHA2-256 for authentication and AES-128 in countermode for encryption. Therefore the authentication key needs to be 256 bits long; the encryption key 128 bits. For details see ipsec.conf(5)."

If I create an ipsec.conf file that does not define an authentication or encryption algorithm, I get warnings if my encryption key is less than 160 bits. Man page states that it must be at least 128.

Follow-Ups:
- Re: Possible error in vpn(8) man page
  - From: Jason McIntyre

Prev by Date: Backup Techniques onto DVD+-RW
Next by Date: Your request for Express Transfer - attn: misc@openbsd.org
Previous by thread: Re: Backup Techniques onto DVD+-RW
Next by thread: Re: Possible error in vpn(8) man page
Index(es):
- Date
- Thread

Visit your host, monkey.org