Le 12 janv. 2011 à 16:39, Jim Pingle a écrit :
> [please don't top post]
> On 1/12/2011 10:13 AM, bsd wrote:
>> Le 12 janv. 2011 à 13:53, Jim Pingle a écrit :
>>
>>> On 1/12/2011 5:48 AM, bsd wrote:
>>>> Hello,
>>>>
>>>> I am trying to import a Shared Key from a previous XML file, It looks like
>>>> the key found in the XML file can not be directly copy / pasted in the
>>>> shared key box.
>>>>
>>>> Do you know what I have to "cut out" to make It work ?
>>>>
>>>> The key looks similar as this one :
>>>>
>>>> <shared_key>LS0tLS1CRUdJTiBPcGVuVlBOIFN0YXRpYyBrZXkgVjEtLS0tLQ0KNDNjNGZhODgyMjI0ZDI5NmFjNGQ1YjIzOTM5MGI4MjMNCmIwZGMxODc4NzEwZWFhMzRkNWU1MWE5YTJkY2ExYjc5DQpiYjQ4OTEwZmMwMTg3NzM3YmI1YmFkYTNhZTQzMjRkYQ0KZTI4Zjg3NDJiNDJkMzRlZDBiZTBjOTMxYTBkM2NkMjANCjRkNWUyOWM2ZTA5MzQ0NTU2NDBhNjI4YWNmMmNlNDRiDQpmYjUyMGQ1NmZiNmExZjA4ZmQwMTQ2YjRmZmY0ZmFiNA0KNTdjODgwNTQ0NzY0ZjdjZjJlYWJlYWYxZmEwY2JmMDMNCjY1ZjIzMzkzNDA4YmIyZThhZGU3MzA3Zjg5ZWE0MDUwDQoxyTkwYjczYzZiNWI1NmQ2NzZiMGUzMjUwYTMyNWMzNA0KNDA5ZTY5NzdmYzI2NmM1Y2FiYzg3YmY5ZjMwYzg0NmQNCjg4OTIwNTAzMGEyNzRkYTdiM2M1ZjJjMTU1MzNiNjk3DQo4NzM0ZjJhMzFhMTFhYzAyYzM0ZTMyNDE0xyFmNmNhMg0KZWU1Y2Y3OTllMTkxMmNkODUxMjY0MWI3OTI2M2MyMTMNCjllMjE1MWJlY2FhMzM5MjJmNDc0ZWFiNGIxY2FiZjgxDQpjYmY5NDUwYWEwOWVmOTk3YmVkM2QzMThiYjRlMDY2Yw0KNDMzYzc4NWMzYzNjOGRmMGQ2NWM0MTlhYTEzODQzOGENCi0tLS0tRU5EIE9wZW5WUE4gU3RhdGljIGtleSBWMS0tLS0t</shared_key>
>>>
>>> It's base64 encoded inside of the XML. You could copy/paste it into a
>>> backup of the target router, or if you want the decoded version, go to
>>> Diagnostics > Command, and type in:
>>>
>>> echo base64_decode("LSOtLS[...]");
>>>
>>> Put the contents of the <shared_key></shared_key> tag inside the quote
>>> marks, not the tags itself. When you press Execute, it should give you
>>> the plain text version you can then copy/paste.
>>>
>> Ok,
>>
>> Thanks very much.
>> I didn't manage to get It working with the provided command line, got a
>>
>> Badly placed ()'s.
>>
>> … Anyway I have managed to get It decoded and working ok.
>
> It should have gone in the PHP execute code box, not the command line.
> Sorry for that.
>
> You also should probably generate a new key, seeing as everyone on the
> list (and those that can read the archive) now have a copy of your
> shared key. :-)
>
> If you're on 1.2.3 it's easy to make a new key, just go to Diagnostics >
> Command, and in the shell execute box, type:
> openvpn --genkey --secret /dev/stdout
>
> Then copy/paste that to both boxes. It's probably better from a security
> standpoint to make new shared keys in most cases than to keep importing
> them over and over.
>
> Jim
Don't worry about that, unless you find out which part of the key I have
modified before posting It, you have very very little chance to find out my
key… ;-)
––––––––––––––––––––––––––––––––––––––––––––––
---------> Grégory Bernard Director <---------
---------------> www.osnet.eu <---------------
--> Your provider of OpenSource appliances <--
––––––––––––––––––––––––––––––––––––––––––––––
OSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetO
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
