README FOR ipsec_genkey ----------------------- ipsec_genkey creates some configuration lines for Solaris 8 IPsec and for FreeS/WAN, the Linux implementation of IPsec. That includes random generation of private keys, which is the primary work of this script. For more information on which files are involved and how to use them, see the presentation "IPsec: Manageable & Interoperable Implementations", at . INSTALLATION ------------ In the Makefile, set INST_ROOT to wherever you want the software installed. You may also need to change the INSTALL command, depending on the location and version of "install" on your system. Then run "make install". USE --- Running ipsec_genkey without arguments prints out a usage statement. The arguments are a cryptographic algorithm to use for authentication (either MD5 or SHA), an algorithm to use for encryption (either DES or Triple-DES), a destination address for which the keys are used, and an optional source address to limit the use of the keys. PLATFORMS --------- ipsec_genkey has been tested on the following platforms: - Linux - Red Hat, versions 7.x - Solaris - version 8 I plan on extending this to use with KAME, which should cover *BSD and Darwin/Mac OS X. I'd also like to include Solaris 9 IPsec, but I don't currently have access to a system on which I can test. CHANGES ------- You're not required by the license to submit changes back to the source, but I'd appreciate portability improvements or enhancements of general applicability. You can email new versions or contextual diffs ("diff -c old_file new_file") to . Some things to keep in mind if you do this: - Formatting - I use tabs for indentation, and sometimes to align code segments for readability. Please do the same. - Please don't use NotePad or some other Windows editor to make changes. Or if you do, get rid of the DOS linefeeds before submitting changes. - Please try to follow the formatting conventions established in the existing code. - Readability - Usually, I will trade off efficiency (of running time or of development time) in favor of readability. - Insert meaningful comments where appropriate. - Portability - All shell scripts are Bourne-compatible. I won't use shell- specific constructs from bash, ksh, etc. - Don't use OS-specific features, pathnames, etc., unless they're guarded by code checking the OS version, or they're in user-settable variables toward the top of the script. CONTRIBUTORS ------------ Leon Towns-von Stauber Enjoy! Copyright (c) 2001-2003. All rights reserved. See the LICENSE file distributed with this code for restrictions on its use and further distribution. Original distribution available at .