-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Tom.
On 10/26/2015 6:54 PM, Tom Robinson wrote: > I'm migrating an older CentOS 5 installation from > Openswan-2.6.32-9 to Libreswan-3.0-1. > > I have a couple of issues: > > 1) I downloaded the libreswan rpm > fromhttps://download.libreswan.org/binaries/rhel/5/i386/ but it > appears to have a bad signature: # rpm -qp libreswan-3.0-1.i386.rpm > error: libreswan-3.0-1.i386.rpm: Header V4 RSA/SHA256 signature: > BAD, key ID b30fc6f9 > > I've installed the > https://download.libreswan.org/binaries/RPM-GPG-KEY-libreswan but > it still reports a bad key. Now I've installed it with the > --nosignature option. I've also had issues with signatures in the LibreSWAN repository; not quite sure what's going on there. > 2) With my openswan configurations I used an include statement in > the main /etc/ipsec.conf file to include configurations in the > /etc/ipsec.d directory. > > # grep include /etc/ipsec.conf include /etc/ipsec.d/*.conf > > But this appears to be broken on my setup with libreswan. > Libreswan would load only one of three configurations. The others > wouldn't load. Libreswan kept reporting such things as: > > # ipsec auto --add seattle conn 'seattle': not found (tried > aliases) Is there a particular reason you installed 3.0 rather than the 3.9 package which is available from the same location? I'd try a later version, personally. I managed to build 3.10 on CentOS 5 by tweaking the spec file from 3.9 and snagging the 3.10 source; I have a number of included .conf files working with no issues, so my speculation is that you've got an early-release bug. - -- Nels Lindquist <[email protected]> -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (MingW32) iEYEARECAAYFAlYw3M0ACgkQh6z5POoOLgSSaQCcDDnFNDw8tnCyYhSPjSm9Xg8n NpcAn2dG6wwu4mc/J3gdml5TiB04b/lM =rco4 -----END PGP SIGNATURE----- _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
