On Tue, 2008-10-28 at 08:43 +0000, New Acct wrote: > > ---------------------------------------- > > Subject: Re: Vpn Connections. > > From: [EMAIL PROTECTED] > > To: [EMAIL PROTECTED] > > Date: Mon, 27 Oct 2008 13:01:28 -0400 > > CC: [EMAIL PROTECTED]; [email protected] > > > > On Mon, 2008-10-27 at 12:34 -0400, Paul Wouters wrote: > >> On Mon, 27 Oct 2008, Martinsson Patrik wrote: > >> > >>> How does NetworkManagaer handle the import of cisco pcf file ? > >>> What im really interested in is if it uses all the settings i have in > >>> that file ? > >> > >> Openswan has a pcf2os.pl script on contrib/ that can convert pcf files to > >> openswan > >> config files. However, the pcf file can contain an obfuscated group PSK. I > >> don't know > >> if anyone ever wrote a proper deobfuscation program. There used to be > >> something at > >> http://femto.cs.uiuc.edu/~sbond/vpnc/ which basically amounted to running > >> the > >> cisco client through ltrace -i and read it from a memcpy statement. > > > > It's been completely handled now, vpnc ships a 'cisco-decrypt' in the > > tarball which doesn't depend on the binary cisco client. There are some > > patches awaiting my review that will automatically decrypt the group > > password on import. > > > > Dan > > In fact, it's even easier. vpnc runs a web form to decode encrypted group > password. You just have to type in the encrypted password and click decode: > http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
Um, that's sort of insecure :) Seriously, /usr/bin/cisco-decrypt is the easiest solution by far. If you have vpnc installed, you have cisco-decrypt (or else your distros vpnc maintainer should be shot). You don't even need network access for it, and your group secret doesn't escape outside your machine. Dan _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
