Hello Chetan,

the debug output line in ipsec_doi.c is:

  DBG(DBG_CRYPT,
    DBG_dump_chunk("enc key:", st->st_enc_key);

Thus grepping for "enc key:" should work. See also the
following example scenario where --debug-crypt is enabled:

http://www.strongswan.org/uml/testresults46/ikev1/alg-blowfish/moon.auth.log

Regards

Andreas

On 08.08.2012 04:59, Chetan Sharma wrote:
> Hi Guys,
> 
> I can easily decrypt ESP packets but I also wanted to decrypt ISAKMP
> phase 1 encrypted packets. I asked the same question on Wireshark forum
> and got a really nice response
> here: http://ask.wireshark.org/questions/12019/how-can-i-decrypt-ikev1-packets
> 
> The problem is I cannot seem to find the encryption key for phase 1. I
> was asked to do this:
> 
> Look for *ICOOKIE* and *enc key* in the Pluto debug log.
> 
> gw205:/# ps auxww | grep pluto
> root     24522  0.0  0.3  12572  3488 ?        Ss   15:46   0:00 
> /usr/libexec/ipsec/pluto --nofork --debug-raw *--debug-crypt* --debug-parsing 
> --debug-emitting --debug-control --nocrsend --nat_traversal --keep_alive 60
> 
> 
> I cannot find enc key in the /var/log/messages file, any idea where I can
> find this? The enc key is needed for the decryption of ISAKMP packets in
> Wireshark.
> 
> Also this is a lab test :)
> 
> Thanks
> Chetan
======================================================================
Andreas Steffen                         [email protected]
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
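
An added example (not part of the original messages and not strongSwan code): a small parser that pulls the ICOOKIE and the multi-line "enc key:" dump out of a pluto --debug-crypt log, the two values the quoted Wireshark answer asks for. The dump layout in the constructed sample (label plus the first bytes on one line, further bytes on indented lines) and the pairing of each key with the most recent ICOOKIE are assumptions.

```python
import re

# Constructed sample, not real log output. Assumed layout: label and first
# bytes on one "| " line, remaining bytes on indented "|   xx xx" lines.
SAMPLE_LOG = """\
Aug  8 15:46:02 gw205 pluto[24522]: | ICOOKIE:  01 23 45 67  89 ab cd ef
Aug  8 15:46:02 gw205 pluto[24522]: | RCOOKIE:  00 00 00 00  00 00 00 00
Aug  8 15:46:03 gw205 pluto[24522]: | enc key:  00 11 22 33  44 55 66 77  88 99 aa bb  cc dd ee ff
Aug  8 15:46:03 gw205 pluto[24522]: |   10 21 32 43  54 65 76 87
Aug  8 15:46:03 gw205 pluto[24522]: | IV:  de ad be ef  de ad be ef
"""

LABELLED = re.compile(r"^(ICOOKIE|enc key):((?:\s+[0-9a-fA-F]{2})*)\s*$")
CONTINUED = re.compile(r"^((?:\s+[0-9a-fA-F]{2})+)\s*$")

def extract_phase1_keys(log_text):
    """Return (icookie_hex, enc_key_hex) pairs in log order."""
    pairs = []
    icookie = None           # most recent ICOOKIE seen (pairing heuristic)
    label, data = None, ""   # dump currently being collected

    def finish():
        nonlocal icookie, label, data
        if label == "ICOOKIE":
            icookie = data
        elif label == "enc key" and data:
            pairs.append((icookie, data))
        label, data = None, ""

    for line in log_text.splitlines():
        if "| " not in line:
            continue                      # not a pluto debug line
        payload = line.split("| ", 1)[1]  # drop the syslog prefix
        m = LABELLED.match(payload)
        if m:
            finish()
            label, data = m.group(1), "".join(m.group(2).split())
            continue
        m = CONTINUED.match(payload)
        if m and label:
            data += "".join(m.group(1).split())  # continuation of the dump
        else:
            finish()                      # any other debug line ends the dump
    finish()
    return pairs

if __name__ == "__main__":
    for cookie, key in extract_phase1_keys(SAMPLE_LOG):
        print(f"ICOOKIE={cookie} enc_key={key}")
```

With several negotiations interleaved in one log, the "most recent ICOOKIE" pairing can mismatch, so check the cookie against the capture before using a key.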
