# This is a sample ipsec.secrets file -- Yours had better be different! # See the ipsec_pluto(8) manpage for a specification. # 194.100.55.1 is isakmp-test.ssh.fi # localhost is a domain name (but not actually useful) 194.100.55.1 localhost: "whatcertificatereally" # the following entry could authenticate any of 10 different pairings isakmp-test.ssh.fi my1.imaginary.name my2.imaginary.name my3.imaginary.name # coffee pot (rarely perks up) my4.imaginary.name: "another secret" # perhaps the only use for an entry with a single index: # testing with two Plutos on the same system. 127.000.000.001: "loopy loo" # Here is an RSA secret key. # The empty index list means that it will be used unless a more specific match is found. # This was generated by "ipsec rsasigkey 1024". # The pubkey comment is suitable for copying into config.sys. : RSA { # 1024 bits, Fri Feb 4 20:18:49 2000 # for signatures only, UNSAFE FOR ENCRYPTION #pubkey=0x0103eb25f173b1d08a181e42efa6366973fa32e77f0beaf081ba9e5aad500ac5803cca6e2c61ad0128e5042b1f77361900e03ec8e5cb9a69bb8355f2bf7c5eeedf187be5f6b4fecc1e84384c892ac6a14b4df5d142c88a34b94015b92f1a5a9c6c5d94b26677e652bf02ac356bd7760551069abb6e34716ff55f6944bdca776d3d01 Modulus: 0xeb25f173b1d08a181e42efa6366973fa32e77f0beaf081ba9e5aad500ac5803cca6e2c61ad0128e5042b1f77361900e03ec8e5cb9a69bb8355f2bf7c5eeedf187be5f6b4fecc1e84384c892ac6a14b4df5d142c88a34b94015b92f1a5a9c6c5d94b26677e652bf02ac356bd7760551069abb6e34716ff55f6944bdca776d3d01 PublicExponent: 0x03 # everything after this point is secret PrivateExponent: 0x9cc3f64d2135b1656981f519799ba2a6cc9a54b29ca0567c6991c8e0072e557ddc4972ebc8ab7098ad7214fa2410ab4029db43dd119bd2578ea1d4fd949f3f6460b5a63f0baf9297bbdd53e716488110001bd7b44c0ba42a13cd7db2483bc3cab84cad0c7042f482a7fae5eb88c522c41a9af62794df5ee51ab86cdd7dd84ae3 Prime1: 0xfb089c59ac846f6e8208363c1de4febf7dc54e6091a91c6d66bb27b2cddc77141c704d61209c038e00b928e58874af38d95c7edef488e28e026cdccbf828e6cb Prime2: 0xefcce0fcc0c053321c785514074f8af677e230d9867a26939149cadc20664f9963cf15841d524cb0af83ea10a068eda799767e1a1d980479bec33db2427fe5e3 Exponent1: 0xa75b12e67302f4f456b0242813edff2a53d8deeb0bc612f399d21a7733e84f62bda0339615bd57b4007b709905a31f7b3b92ff3f4db0970956f33ddd501b4487 Exponent2: 0x9fddeb532b2ae221685038b804dfb1f9a54175e659a6c46260dbdc92c0443510ed34b902be36ddcb1fad46b5c045f3c510f9a966be65585129d77e76d6ffee97 Coefficient: 0xd737e14baf3d5b51d64c7d0f046596b8e82344831f5041b96ade16106ebaab32a02d64e36295ca6786423294d1c269c2f16e510d421f3c651d37bdc9eb16ff7d } # Here is another RSA secret key -- having two helps testing @example.com: RSA { # 1040 bits, Fri Feb 4 20:22:17 2000 # for signatures only, UNSAFE FOR ENCRYPTION #pubkey=0x01039ca44e930fc0690ab6c523cf99390f7704acf6759b7040b80e012a6b34af5bfe3a1b4ac48cf3b3216364a6f4d7d81a31b60522fadf8189d118fe2886368d3742a79d7702a6218292877de81a2b95c572f54021300d471ce9d99ed6a0349f2fb090dda9d23118b7cb2f4e8ce6af0cbbbe4abe3894222d06b144f14672f97c45fc6e6f Modulus: 0x9ca44e930fc0690ab6c523cf99390f7704acf6759b7040b80e012a6b34af5bfe3a1b4ac48cf3b3216364a6f4d7d81a31b60522fadf8189d118fe2886368d3742a79d7702a6218292877de81a2b95c572f54021300d471ce9d99ed6a0349f2fb090dda9d23118b7cb2f4e8ce6af0cbbbe4abe3894222d06b144f14672f97c45fc6e6f PublicExponent: 0x03 # everything after this point is secret PrivateExponent: 0x686d89b75fd59b5c79d8c28a66260a4f58734ef9124ad5d009561c477874e7fed167872db34d2216424319f88fe566cbceae1751ea565be0bb541b04245e24d7195d2dc6ef444d701722b103a7a4771b304b79b55f9d00e15d216605e7969eb099976c352fad34d50c484ac5847625280a46bcb7550861af71a88d2ddd3f9dfcf97b Prime1: 0xd854fefc579105532bf1085a7703bb289712d2a76a67837253864d65ff70ded79bcc70dda31c762074c3aa48dde42861e193145a5baba143718f31f7e33a8bf1ed Prime2: 0xb95d5942e37d65119ded8c55a80f0f0437d7cd567134145b993749f33dd0c8d2debb118bf1cc157c6d59141f7d9fd9d9728a6cc844c888d702e37c35b99e75064b Exponent1: 0x9038a9fd8fb6038cc7f60591a4ad277064b7371a46efacf6e25988eeaa4b3f3a67dda093c212f96af8827185e942c59696620d9192726b824bb4cbfa977c5d4bf3 Exponent2: 0x7b9390d7425398b6694908391ab4b4ad7a8fde39a0cd62e7bb7a314cd3e085e1e9d20bb2a132b8fd9e3b62bfa9153be64c5c488583305b3a01ecfd792669a35987 Coefficient: 0x7d1d1446c68e22cacb7d2f824aae8864ba5dba5d6afe28f108952a129f81be5d985824a71720f0c19b4c1b4d0fa1ffab0282b5391b78bc094b9e7309282c5b65ac } # other secrets files can be interpolated include /dev/null # who knows what secrets lurk in /dev/null?