개요

• 솔라나라에 설명된 어플리케이션에 대해 맨 페이지를 찾아 출력한다.
• MAN 페이지에 대한 설명은 윈디하나의 솔라나라: MAN 페이지을 참고하자.
• svcadm(8)을 검색하려면 섹션에서 8 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.

ike.preshared(5)

ike.preshared(5)                 File Formats                 ike.preshared(5)



NAME
       ike.preshared - pre-shared keys file for IKE

SYNOPSIS
       /etc/inet/secret/ike.preshared

DESCRIPTION
       The /etc/inet/secret/ike.preshared file contains secret keying material
       that two IKE instances can use to authenticate each other.  Because  of
       the  sensitive  nature of this data, it is kept in the /etc/inet/secret
       directory, which is only accessible by root.


       Pre-shared keys are delimited by open-curly-brace ({) and  close-curly-
       brace (}) characters. There are five name-value pairs required inside a
       pre-shared key:


       tab(); cw(1.83i)  cw(1.83i)  cw(1.83i)  lw(1.83i)  lw(1.83i)  lw(1.83i)
       NameValueExample  _ localidtypeIPlocalidtype IP remoteidtypeIPremoteid‐
       type   IP   localidIP-addresslocalid   10.1.1.2    Subnet/Prefixlocalid
       10.1.1.0/24  remoteidIP-addressremoteid  10.1.1.3 Subnet/Prefixremoteid
       10.1.1.0/24  keyhex-string1234567890abcdef   hex-string1234567890abcdef
       hex-string0x1234567890abcdef ASCII-string"This is my preshared key"



       Comment lines with # appearing in the first column are also legal.


       An  ASCII-string  can  consist  of any valid ASCII character except for
       NEWLINE. A backslash (\) is considered an escape character when it pre‐
       cedes  a  double quote or itself. Otherwise a backslash is taken liter‐
       ally.


       Files in this format can also be used by the ikeadm(8) command to  load
       additional pre-shared keys into a running an in.iked(8) process.

EXAMPLES
       Example 1 A Sample ike.preshared File



       The following is an example of an ike.preshared file:



         #
         # Two pre-shared keys between myself, 10.1.1.2, and two remote
         # hosts.  Note that names are not allowed for IP addresses.
         #
         # A decent hex string can be obtained by performing:
         #           od -x </dev/random | head
         #

         {
             localidtype IP
             localid 10.1.1.2
             remoteidtype IP
             remoteid 10.21.12.4
             key 4b656265207761732068657265210c0a
         }
         {
             localidtype IP
             localid 10.1.1.2
             remoteidtype IP
             remoteid 10.21.13.0/24
             key "str!ng 0f my ch01c3"
         }

         {
            localidtype IP
            localid 10.1.1.2
            remoteidtype IP
            remoteid 10.9.1.25
            key 536f20776572652042696c6c2c2052656e65652c20616e642043687269732e0a
         }


SECURITY
       If  this  file  is compromised, all IPsec security associations derived
       from secrets in this file will be compromised as well. The default per‐
       missions  on  ike.preshared  are  0600.  They should stay this way. The
       pfedit(8) command should not be used to modify this file as it has  the
       potential to put sensitive keying material into the audit log.

ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab()  box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
       TRIBUTE VALUE _ Availabilitysystem/network/ike


SEE ALSO
       od(1), random(4D), attributes(7), ikeadm(8), in.iked(8), ipseckey(8)



Oracle Solaris 11.4               21 Jun 2021                 ike.preshared(5)