If I started isakmpd on OBSD 6.6:
test66/etc/isakmpd>isakmpd -4 -K -T -d
154833.658332 Default isakmpd: starting [priv]
154833.660031 Default conf_reinit: open("/etc/isakmpd/isakmpd.conf",
O_RDONLY, 0) failed: Permission denied
But, older version OBSD didn't ask for isakmpd.conf, if I use -K switch:
test65/etc>isakmpd -4 -K -T -d -v
134717.294458 Default isakmpd: starting [priv]
134717.505904 Default attribute_unacceptable: ENCRYPTION_ALGORITHM: got
AES_CBC, expected 3DES_CBC
134717.505926 Default message_negotiate_sa: no compatible proposal found
So, I put appropriate (before there was none isakmpd.conf):
-rw------ /etc/isakmpd/isakmpd.conf
on OpenBSD 6.6, with something trivial in it, there is no log error any
more.
Second observation
on OBSD 6.6, isakmpd is started:
test66/etc/isakmpd>isakmpd -4 -K -T -d
test66/etc>ipsecctl -f ipsec.conf
I find:
ike_auth_get_key: failed opening "/etc/isakmpd/private//10.blahblah"
So, I must:
>cp /etc/isakmpd/private/local.key 10.blahhh.. (my IP addr)
After that, there is no such error.
All that does't look like serious problems, but is it all regular
behaviour? I didn't find any changes in man pages.
IKos
[email protected]
