mirror of
https://git.dn42.dev/wiki/wiki
synced 2025-03-15 03:43:33 +00:00
Updated IPsec with PublicKeys (markdown)
This commit is contained in:
parent
20235ad1b9
commit
38b4fb6602
@ -1,6 +1,7 @@
|
|||||||
# IPsec with public key authentication
|
# IPsec with public key authentication
|
||||||
## Stop using pre-shared keys!
|
## Stop using pre-shared keys!
|
||||||
### Pre-shared keys suck, because _reasons_
|
### Pre-shared keys suck, because _reasons_
|
||||||
|
|
||||||
* __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face
|
* __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face
|
||||||
* Most implementations will accept insecure (too short, too simple) keys
|
* Most implementations will accept insecure (too short, too simple) keys
|
||||||
* The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or
|
* The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or
|
||||||
|
Loading…
x
Reference in New Issue
Block a user