Connection edit - extra CRLF might append to the pre-shared key
When I create or edit a new connection, I usually copy/paste the string that goes into the "Use pre-shared key for authentication", because I usually got it by mail or a document. If that pre-shared key happens to be at the end of the line in the document a double-click operation may select the CRLF (or LF) along with the key, but this is totally unnoticed by the user.
Pasting this key with the CRLF into the editor will make its way down to /etc/ipsec.secrets file, which makes the pre-shared key invalid, as there will be a newline before the closing quotation mark.
The first sign of the error:
003 "/etc/ipsec.
003 "/etc/ipsec.
003 ERROR "/etc/ipsec.
003 "/etc/ipsec.
Sep 17 23:03:10 ub64-T400 ipsec__plutorun: 003 "/etc/ipsec.
Sep 17 23:03:10 ub64-T400 ipsec__plutorun: 003 "/etc/ipsec.
Sep 17 23:03:10 ub64-T400 ipsec__plutorun: 003 ERROR "/etc/ipsec.
Sep 17 23:03:10 ub64-T400 ipsec__plutorun: 003 "/etc/ipsec.
Last command timed out
And /etc/ipsec.secrets contains this:
# RSA private key for this host, authenticating it to any other host
# which knows the public part. Suitable public keys, for ipsec.conf, DNS,
# or configuration of other implementations, can be extracted conveniently
# with "ipsec showhostkey".
#
%any 212.xx.xxx.xxx: PSK "presharedkey
"
Question information
- Language:
- English Edit question
- Status:
- Solved
- Assignee:
- No assignee Edit question
- Solved by:
- Werner Jaeger
- Solved:
- Last query:
- Last reply: