wiki/wiki
1
0
Fork 0
mirror of https://git.dn42.dev/wiki/wiki synced 2025-03-15 03:43:33 +00:00
Code Issues Releases Wiki Activity

Updated IPsec with PublicKeys (markdown)

Browse Source
This commit is contained in:
Anonymous 2015-01-15 14:12:59 +00:00
parent 20235ad1b9
commit 38b4fb6602
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
howto/IPsec-with-PublicKeys.md
View File

@ -1,6 +1,7 @@
# IPsec with public key authentication # IPsec with public key authentication
## Stop using pre-shared keys! ## Stop using pre-shared keys!
### Pre-shared keys suck, because _reasons_ ### Pre-shared keys suck, because _reasons_
* __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face * __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face
* Most implementations will accept insecure (too short, too simple) keys * Most implementations will accept insecure (too short, too simple) keys
* The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or * The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or