NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Simple IPSEC client with certificate - phase 1 time out



Greg Troxel wrote:

> It seems to me that if a kernel with "option IPSEC" and w/o swcrypto
> doesn't work, then perhaps it should fail to config, or log an error at
> runtime.  (Perhaps swcrypto isn't required, and it's just that there
> must be some crypto provider.)

As far as I understand swcrypto registers software encryption algorithms in
the kernel for 3des, aes, blowfish, etc.. They are not explicitely required
as you may also use hardware for that.

-- 
Frank Wille



Home | Main Index | Thread Index | Old Index