version 1.559, 2022/06/28 18:46:01 |
version 1.560, 2022/07/11 18:19:47 |
|
|
local _iked_pub=/etc/iked/local.pub |
local _iked_pub=/etc/iked/local.pub |
|
|
if [[ ! -f $_isakmpd_key ]]; then |
if [[ ! -f $_isakmpd_key ]]; then |
echo -n "openssl: generating isakmpd/iked RSA keys... " |
echo -n "openssl: generating isakmpd RSA keys... " |
if openssl genrsa -out $_isakmpd_key 2048 >/dev/null 2>&1 && |
if openssl genrsa -out $_isakmpd_key 2048 >/dev/null 2>&1 && |
chmod 600 $_isakmpd_key && |
chmod 600 $_isakmpd_key && |
openssl rsa -out $_isakmpd_pub -in $_isakmpd_key \ |
openssl rsa -out $_isakmpd_pub -in $_isakmpd_key \ |
|
|
fi |
fi |
|
|
if [[ ! -f $_iked_key ]]; then |
if [[ ! -f $_iked_key ]]; then |
# Just copy the generated isakmpd key |
echo -n "openssl: generating iked ECDSA keys... " |
cp $_isakmpd_key $_iked_key |
if openssl ecparam -genkey -name prime256v1 -out $_iked_key >/dev/null 2>&1 && |
chmod 600 $_iked_key |
chmod 600 $_iked_key && |
cp $_isakmpd_pub $_iked_pub |
openssl ec -out $_iked_pub -in $_iked_key \ |
|
-pubout >/dev/null 2>&1; then |
|
echo done. |
|
else |
|
echo failed. |
|
fi |
fi |
fi |
|
|
ssh-keygen -A |
ssh-keygen -A |