Purojekiti yeOpenBSD yakaburitsa OpenIKED 7.2, kushandiswa kweprotocol yeIKEv2 yakagadzirwa neprojekiti yeOpenBSD. Uku ndiko kuburitswa kwechina kweOpenIKED seprojekiti yakazvimiririra—zvikamu zveIKEv2 pakutanga zvaive chikamu chakakosha cheOpenBSD IPsec stack, asi zvakazopatsanurwa kuita package yakasiyana, inotakurika uye ikozvino inogona kushandiswa pane mamwe masisitimu ekushanda. OpenIKED yakaedzwa paFreeBSD, NetBSD, macOS uye kugoverwa kwakasiyana-siyana Linux, kusanganisira Arch, Debian, Fedora uye UbuntuKodhi yacho yakanyorwa neC uye inogoverwa pasi peISC rezinesi.
OpenIKED inokutendera kuti utumire IPsec-yakavakirwa chaiyo yakavanzika network. Iyo IPsec stack inoumbwa nemaprotocol makuru maviri: Key Exchange Protocol (IKE) uye Encrypted Transport Protocol (ESP). OpenIKED inoshandisa zvinhu zvekusimbisa, zvigadziriso, kuchinjana kwakakosha, uye kuchengetedza mutemo kuchengetedza, uye iyo protocol yekuvharidzira ESP traffic inowanzo pihwa neiyo inoshanda system kernel. Nzira dzechokwadi muOpenIKED dzinogona kushandisa makiyi akagovanwa kare, EAP MSCHAPv2 ine X.509 chitupa, uye RSA neECDSA makiyi eruzhinji.
Mushanduro itsva:
- Yakawedzerwa macounter ane manhamba eiyo iked kumashure maitiro, ayo anogona kutariswa nemurairo 'ikectl show stats'.
- Inopa kugona kutumira zvitupa cheni kune akawanda CERT payloads.
- Kuti uvandudze kuenderana neshanduro dzekare, mubhadharo une chiziviso chemutengesi wawedzerwa.
- Kuvandudzwa kwekutsvaga kwemitemo uchifunga nezve srcnat pfuma.
- Kushanda neNAT-T kwatangwa Linux.
Source: opennet.ru
