Red Hat Bugzilla – Bug 150552
ipsec limited to ascii only keys
Last modified: 2014-03-16 22:52:46 EDT
Description of problem:
If you create a ifcfg-ipsec0 file, you can only specify keys
using ascii, not hex, due to quoting which is done in the ifup-ipsec
script. The ipsec HOWTO shows how to create random hex keys, but not
how to create random ascii keys. The online Red Hat docs (for
and the next two pages) don't mention how to create secure ascii keys
and refers to the ipsec HOWTO as well.
Version-Release number of selected component (if applicable):
FC3 and RHEL4
Steps to Reproduce:
1. Put a hex key in the config file (with or without 0x prefix)
Failure due to key length mismatch
Should realise that its a hex key from its length and then
format it correctly for setkey to parse.
Created attachment 112401 [details]
a patch for this
This assumes any key prefixed with '0x' is hex, otherwise, it's ASCII.
Should be backwards-compatible.
Will be in initscripts-8.06-1.
*** Bug 150579 has been marked as a duplicate of this bug. ***
*** Bug 153723 has been marked as a duplicate of this bug. ***