Hi Aaron, with the ipsec.conf setting
charondebug="ike 4" SK_ei, SK_er, SK_ai, SK_ar are written to the log. As an alternative the command ipsec stroke loglevel ike 4 achieves the same when the charon daemon is already running. Best regards Andreas Aaron Zhang wrote: > Hi all. > > > > Are there any ways to dump the SK_ei, SK_er, SK_ai, SK_ar of the IKE_SA > which are useful to decrypt the IKE_AUTH packet with wireshark. > > I set the debug as 4 for all debug type. But there are not such information. > > > > thanks > > -Aaron ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
