Iyo OpenBSD Project yakazivisa kuburitswa kweOpenIKED 7.2, kuita kweiyo IKEv2 protocol yakagadziriswa neOpenBSD Project. Uku ndiko kuburitswa kwechina kweOpenIKED sepurojekiti yakaparadzana - zvikamu zveIKEv2 pakutanga zvaive chikamu chakakosha cheOpenBSD IPsec stack, asi zvakazopatsanurwa kuita pasuru inotakurika uye inogona kushandiswa pane mamwe masisitimu anoshanda. OpenIKED yakaedzwa paFreeBSD, NetBSD, macOS uye dzakasiyana Linux kugovera kunosanganisira Arch, Debian, Fedora uye Ubuntu. Iyo kodhi yakanyorwa muC uye inogoverwa pasi peISC rezinesi.
OpenIKED inokutendera kuti utumire IPsec-yakavakirwa chaiyo yakavanzika network. Iyo IPsec stack inoumbwa nemaprotocol makuru maviri: Key Exchange Protocol (IKE) uye Encrypted Transport Protocol (ESP). OpenIKED inoshandisa zvinhu zvekusimbisa, zvigadziriso, kuchinjana kwakakosha, uye kuchengetedza mutemo kuchengetedza, uye iyo protocol yekuvharidzira ESP traffic inowanzo pihwa neiyo inoshanda system kernel. Nzira dzechokwadi muOpenIKED dzinogona kushandisa makiyi akagovanwa kare, EAP MSCHAPv2 ine X.509 chitupa, uye RSA neECDSA makiyi eruzhinji.
Mushanduro itsva:
- Yakawedzerwa macounter ane manhamba eiyo iked yekumashure maitiro, ayo anogona kutariswa uchishandisa iyo 'ikectl show stats' kuraira.
- Iko kugona kutumira cheni dzetifiketi kune akawanda CERT payloads yakapihwa.
- Kuti uvandudze kuenderana neshanduro dzekare, mubhadharo une ID yemutengesi wawedzerwa.
- Kuvandudzwa kwekutsvaga kwemitemo uchifunga nezve srcnat pfuma.
- Kushanda neNAT-T muLinux kwakatangwa.
Source: opennet.ru