Login or Register to Ask a Question and Join Our Community


Linux

IPSec using racoon w/ kerberos authentication

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux IPSec using racoon w/ kerberos authentication
# 1  
Old 10-21-2008
IPSec using racoon w/ kerberos authentication
Hi,

Anyone can point me a good link to setup IPSec using racoon IKE which uses gssapi_krb authentication method?

I have a debain linux box and Windows 2003R2 system, and I want them to communicate using IPSec.

Thanks,
Emily.
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

PERL and Kerberos authentication

I am installing Authen::Krb5::Easy and during make test I am getting the follwing error : kinit not ok 2 error was: could not get initial credentials: Cannot contact any KDC for requested realm we are stroring krb5.conf in diff location ( not in /etc/krb5.conf) , but, PERL is... (1 Reply)
Discussion started by: talashil
1 Replies

2. Shell Programming and Scripting

How to automatically store/cache password for kerberos authentication

Hi All, I am currently writing script to get the details for lot of hosts from jump server. Means each and every time it will ssh to the host and get the information. To achieve that I need to automatically accept the password from Jump server to that main hosts. We are using kerberos password... (6 Replies)
Discussion started by: kamauv234
6 Replies

3. UNIX for Dummies Questions & Answers

Kerberos Authentication error

Hi , I am trying to authenticate my id on client server with Kerberos and receiving below error kinit rpagadala@BDC.soft.net kinit: Cannot contact any KDC for realm 'BDC.soft.net' while getting initial credentials Please find krb5.conf on the client server configuration which is... (1 Reply)
Discussion started by: Tomlight
1 Replies

4. AIX

SSH and kerberos authentication problem AIX 5.3

I've configured an AIX 5.3 client to use our Windows AD for user authentication via Kerberos. When I try to ssh to the server using the AD credentials, I eventually get access but not after getting prompted for a password 3 times (which doesn't work) followed by an accepted login on the 4th... (3 Replies)
Discussion started by: jmroderick
3 Replies

5. Red Hat

PAM configuration: Kerberos authentication and NIS authorization problem

Hi, I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS. The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies

6. Programming

Kerberos Authentication c/c++

I am in the process of developing a application that needs to be able to authenticate users details with a kerberos server, which is proving to be rather difficult. There seems to be a lack of good information on how to do this using the MIT kerberos api. Can anyone point me in the right... (0 Replies)
Discussion started by: mshindo
0 Replies

7. UNIX for Dummies Questions & Answers

Kerberos Authentication from Application

Hi, We've configured Kerberos to authenticate AIX 5.3 users with Active Directory and I now have to port an application written in C to the new security model. Currently, our users can login as normal and running a "klist" command reveals that they have been successfully granted a ticket. ... (2 Replies)
Discussion started by: phykell
2 Replies
Login or Register to Ask a Question

LEARN ABOUT HPUX

ipsec_migrate

ipsec_migrate(1M)														 ipsec_migrate(1M)

NAME

       ipsec_migrate - HP-UX IPSec configuration file migration tool

SYNOPSIS


DESCRIPTION

       is a utility for migrating HP-UX IPSec configuration files to the current version.  The utility stores backup copies of the following files
       in the directory before converting them:

       If the certificate data files and exist on the system, prompts for the HP-UX IPSec password and uses the password to decrypt  the  certifi-
       cate data files.  The utility then converts and stores the certificate data in new files under the directory.

       requires the optional HP-UX IPSec software.

   Migrating HP-UX IPSec version A.02.01 to version A.03.00
       The utility performs the following tasks when migrating configuration data from HP-UX IPSec version A.02.01 to version A.03.00:

		 o  Converts policies to policy objects.

		    The  utility  ignores the IKE authentication value in policies.  IKEv1 policies do not include a value for the IKE authentica-
		    tion method.  The IKE authentication method is specified in authentication records using the and arguments.

		    The converts the value to a value for perfect forward secrecy IKEv1 policies do not include a value for maximum  quick  modes.
		    If the value is 1, creates an policy with If the value is greater than 1, creates an IKEv1 policy with

		    Note: Do not enable IKEv1 PFS with a system using an HP-UX IPSec release prior to A.03.00.

		    The converts values in the hash field to IKE DES encryption is obsolete.

		 o  Adds  a  priority value to authentication records.	The utility sorts existing authentication records using the address prefix
		    length (longest to shortest).  The migration utility sets the priority for the first record  to  the  value  of  the  priority
		    parameter  value  in  the  AuthPolicy-Defaults  section of the HP-UX IPSec profile file; the default priority value is 10. The
		    utility increments the priority value for each subsequent record by the priority value.

		 o  Replaces DES transforms and nested transforms in host and tunnel policies with the default actions in the file. For host poli-
		    cies, the default action is For tunnel policies, the default action is the transform.

		 o  If	the and files exist, the extracts and converts the private key, local certificate, and CA certificate from these files and
		    stores them in new files under the directory.

		 o  If the file exists, creates a softlink to the file.  The file is a script that retrieves the CRL from an  LDAP  directory  and
		    can be executed from a cron job.

RETURN VALUE

       Upon successful completion, returns 0; otherwise it returns 1.

ERRORS

       fails if any of the following conditions is encountered:

	      o  Command used incorrectly - Usage message is returned.

	      o  The user is not the superuser.

	      o  The file specified in the option does not exist.

	      o  The file specified in the option is not a regular file.

	      o  The file specified in the option is not readable.

	      o  The file specified in the option is not an valid configuration file.

	      o  The file specified in the option exists.

	      o  The file is missing or corrupted.

	      o  Based on the information in cannot build a valid set of transformations to transform the file specified in the option to the file
		 specified in the option.

WARNINGS

       requires the optional HP-UX IPSec software.

AUTHOR

       was developed by HP.

FILES

       SEE ALSO
	      ipsec_config(1M),  ipsec_config_add(1M),	ipsec_config_batch(1M),   ipsec_config_delete(1M),   ipsec_config_export(1M),	ipsec_con-
	      fig_show(1M), ipsec_policy(1M), ipsec_report(1M).

							   HP-UX IPSec Software Required					 ipsec_migrate(1M)